SHA256 · Medium · Signal 100/100
ffa22c40ac69750b229654c54919a480b33bc41f68c128f5e3b5967d442728fb
First Seen
Jun 9, 2022
Last Seen
May 23, 2026
Reports: 15 source reports
Confidence: 99% (medium)
VirusTotal: 37/75 detections
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Feed Intelligence Summary
Category tags
abuse, active scan, aerospace & defense, aescbc, bad reputation, base64, command execution, communication protocol, cookie, cryptocurrency, cryptolaemus1, cutwail, data exfiltration, data store exposure, defense, defense contracting, defense logistics, defense systems, defense technology, dlls, docx, europe/asia, exec command, executable file, exploit, exploitation activity, file-hash, follina, geodo, guloader, heodo, http scanner, indicator, information technology, ingress tool transfer, injection activity, iot security, it infrastructure, konni, lazarus, malicious download, malicious powershell activity, malicious software, malware, malware distribution, malwarebazaar, military operations, national security, number, office, phishing, ping, proc command, process injection, rat, remote access, researched, russia, scripting attacks, smsspy, software development, t1055, t1059.001, t1071.001, t1086, t1105, t1190, t1204.002, t1486, t1499.002, t1565, t1566, text, threat actor, tonto, tor node, trojan malware, upld, upload, web traffic, woody, woody rat, woodyrat, word
Activity Timeline: May 23
Threat Activity Heatmap · Peak: 2026-05-23
Activity by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), a highly malicious SHA-256 hash with a perfect score of 100.0, signifies a critical threat to organizational security. Its presence strongly indicates an active or attempted compromise involving sophisticated tactics, potentially leading to severe consequences such as data encryption for impact (ransomware), extensive data exfiltration, or complete system disruption. The associated threat actor, Opal Sleet (an APT group), is known for utilizing advanced techni…
Threat Score: 100 (High Risk)