SHA256MediumSignal 51/100
e9785ec2f27fc97cd57552c484dc34b650e116d090a98fc48f957c48e440ba7d
First Seen
Feb 24, 2026
Last Seen
Jun 1, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports51% confidence
3
Source reports
51%
Confidence score
Category tags
active scanactive scanningapi abuseapt groupsbad reputationbrute forcecalls-wmicloud computingcloud infrastructurecloud migrationcloud securitycloud servicescloud storagecommunication protocolcontagious interview campaigncredential accesscredential harvestingcredential stuffingdata store exposuredisponibiledomainemailexploitation activityf httpsfile-hashhavenhttphttp scannerhttpshurryidentity & access exploitationil giocoindicatorinfrastructure acquisitionreconnaissancejiramalwaremimicratmulti-cloud managementnetwork scanningoperation olalampophishingphishing attackpossible reconnaissancereconnaissanceresearchedsocial engineeringspamspecialsubjectt1003t1059t1071t1071.001t1087t1110t1189t1190t1199t1204t1499.002t1534t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1590.001t1595t1595.001t1595.002t1595.003t1598threat actortor nodetriton fork campaignweb application attackweb traffic
Activity Timeline
Jun 1Jun 1
Threat Activity Heatmap
· Peak: 2026-06-01LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC) represents a significant threat, indicating potential involvement in sophisticated malicious activity with a direct impact on organizational security. The elevated score of 51.37 strongly suggests that this SHA-256 hash is associated with a highly suspicious or confirmed malicious file. Its detection within an environment could signify a successful initial compromise, potentially leading to data exfiltration, lateral movement, or the deployment of further malic…
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
3
Reports
First seenFeb 24, 2026
Last seenJun 1, 2026
VirusTotal
Not checked
WHOIS
- description
- RFC 822 mail, ASCII text, with very long lines (430u), with CRLF line terminators
- references
- IOCs.2026.csv, https://www.trendmicro.com/en_gb/research/26/b/spam-campaign-abuses-atlassian-jira.html
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 4 months ago · Last seen 1 month ago
Appeared in 3 threat reports