Threat Feed | Online Malware Sandbox

URL

https://brandgeniea.vercel.app/managermentquan/vJ4q7Zb8P1.html

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Page uses exact same title as that of a popular online service

2/5

Suspicious content matched by YARA rules

2/5

Page is served from a service commonly used for temporary hosting

1/5

Page uses exact branding image of a popular online service

1/5

Resource is loaded from a service commonly used for temporary hosting

1/5

Checks external IP address

Phishing

PCQPOLFU.msi

2025-06-08T13:07:22.441

MSI Setup

PCQPOLFU.msi

malicious

SHA256: a6ebe4b9ceb0b9ea7f044825d521c85d9bba41eecc402a167e8994dd68325890

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Entry point injection

4/5

DLL Hollowing

3/5

Suspicious content matched by YARA rules

2/5

Makes direct system call to possibly evade hooking based monitoring

2/5

Sets up server that accepts incoming connections

2/5

Suspicious content matched by YARA rules

2/5

Tries to detect application sandbox

2/5

Signed executable failed signature validation

2/5

Writes into the memory of a process started from a created or modified executable

2/5

Delays execution

2/5

Modifies control flow of a process started from a created or modified executable

1/5

Resolves API functions dynamically

1/5

Enables process privileges

1/5

Overwrites code

1/5

Modifies operating system directory

1/5

Creates mutex

1/5

Creates process with hidden window

1/5

Reads from memory of another process

1/5

Drops PE file

1/5

Creates a page with write and execute permissions

1/5

Loads a dropped DLL

1/5

Executes dropped PE file

1/5

Reads system data

1/5

Performs DNS request

1/5

Connects to remote host

Downloader

Injector

https://quazghuiwvepvep.vercel.app/backuppage.html/

2025-06-08T13:05:47.531

URL

https://quazghuiwvepvep.vercel.app/backuppage.html/

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Page is served from a service commonly used for temporary hosting

1/5

Page uses exact branding image of a popular online service

1/5

Resource is loaded from a service commonly used for temporary hosting

1/5

Checks external IP address

Phishing

f3xebZTbxvJ28Idl.html

2025-06-08T13:05:11.832

HTML Document

f3xebZTbxvJ28Idl.html

malicious

SHA256: 5d710925f7d1cd8f5db561bd1a7baf3297a73cb65cc448b2011f1916d149f076

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

2/5

Page uses exact same title as that of a popular online service

2/5

The HTML file contains logon form

1/5

Page presents itself as a logon page

Phishing

https://quazghuiwvepvep-fumu.vercel.app/backuppage.html/

2025-06-08T13:02:55.020

URL

https://quazghuiwvepvep-fumu.vercel.app/backuppage.html/

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Page is served from a service commonly used for temporary hosting

1/5

Page uses exact branding image of a popular online service

1/5

Resource is loaded from a service commonly used for temporary hosting

1/5

Checks external IP address

Phishing