IOC Radar
SHA256 · Medium · Signal 40/100

f0065bf3cdaf66cf4412d0fc8496619c903dd725df77054a5b751dd2999eaecc

Location: Ukraine
First Seen: Apr 16, 2026
Last Seen: Apr 23, 2026
Reports: 2 source reports
Confidence: 40% (medium)
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 40%
Signal Score: 40 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

20 techniques

Feed Intelligence Summary

Source reports: 2
Confidence score: 40%
Category tags
acceptacrongl integbackbazaarcache entrycalls processchrome cachecloseentryeuropefile-hashfirstgif imageindicatorinfolcidmitre attmwdbnextntopenfile filepathphishingpng imageresearchedriffservicessdeepstreamstringformatstringformatdot t1003 t1012 t1014 t1036 t1046 t1055 t1056 t1071 t1082 t1083 t1095 t1140 t1203 t1221 t1485 t1496 t1542 t1564 t1566 t1573 threat actortoggletor nodeukraineunitedunixvp8 encodingwebp imagewindows sandboxx85bxa1pyuv color

Activity Timeline

1 total obs (Apr 23)

Threat Activity Heatmap

Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 40
Confidence: 40%
Reports: 2
First seen: Apr 16, 2026
Last seen: Apr 23, 2026

VirusTotal

Not checked

WHOIS

description
Here is the full text of Yomi's Verdict, which was sent to the BBC by the MITRE team and is now available to view via the web browser, via iPlayer, £1.

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 2 threat reports