IOC Radar
SHA256 · Medium · Signal 51/100

e9785ec2f27fc97cd57552c484dc34b650e116d090a98fc48f957c48e440ba7d

First Seen: Feb 24, 2026 (129d ago)
Last Seen: Jun 1, 2026 (32d ago)
Reports: 3 source reports
Confidence: 51% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 51%
Signal Score: 51 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 24 techniques

Feed Intelligence Summary

Source reports: 3
Confidence score: 51%
Category tags
active scan, active scanning, api abuse, apt groups, bad reputation, brute force, calls-wmi, cloud computing, cloud infrastructure, cloud migration, cloud security, cloud services, cloud storage, communication protocol, contagious interview campaign, credential access, credential harvesting, credential stuffing, data store exposure, disponibile, domain, email, exploitation activity, f https, file-hash, haven, http, http scanner, https, hurry, identity & access exploitation, il gioco, indicator, infrastructure acquisitionreconnaissance, jira, malware, mimicrat, multi-cloud management, network scanning, operation olalampo, phishing, phishing attack, possible reconnaissance, reconnaissance, researched, social engineering, spam, specialsubject, t1003, t1059, t1071, t1071.001, t1087, t1110, t1189, t1190, t1199, t1204, t1499.002, t1534, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, t1598, threat actor, tor node, triton fork campaign, web application attack, web traffic

Activity Timeline

1 total obs (Jun 1)

Threat Activity Heatmap

Peak: 2026-06-01
[Heatmap figure: activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC) represents a significant threat, indicating potential involvement in sophisticated malicious activity with a direct impact on organizational security. The elevated score of 51.37 strongly suggests that this SHA-256 hash is associated with a highly suspicious or confirmed malicious file. Its detection within an environment could signify a successful initial compromise, potentially leading to data exfiltration, lateral movement, or the deployment of further malic…

Threat Score: Medium Risk (Signal Score 51, Confidence 51%, 3 reports; first seen Feb 24, 2026, last seen Jun 1, 2026)

VirusTotal

Not checked

WHOIS

description: RFC 822 mail, ASCII text, with very long lines (430u), with CRLF line terminators
references: IOCs.2026.csv, https://www.trendmicro.com/en_gb/research/26/b/spam-campaign-abuses-atlassian-jira.html

IOC Journey

medium
First detected 4 months ago · Last seen 1 month ago
Appeared in 3 threat reports