A named extortion post, a hash-like marker, and an undisclosed target field make this look more like early threat intelligence than proof of compromise.