Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

8bd9TGTS2vqqLRIx.exe

malicious

SHA256: 779f6e9ef38d146184059edb4e4bc83dcde48fb1887ddd23f2bcb8bbe2667286

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

2/5

Allows invalid SSL certificates

1/5

Executes dropped PE file

1/5

Resolves API functions dynamically

1/5

Creates process with hidden window

1/5

Drops PE file

Ransomware

S6XRRtE4jcyp70KU.exe

2024-11-20T22:39:20.676

Windows Exe (x86-64)

S6XRRtE4jcyp70KU.exe

malicious

SHA256: 7399343f9220607ba352317dfc032bab5c96b17b006375d19053cdce89fe3b8a

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

2/5

Makes direct system call to possibly evade hooking based monitoring

2/5

Allows invalid SSL certificates

1/5

Enumerates running processes

1/5

A monitored process crashed

Hacktool

dRICF1h0yTbqWsw9.exe

2024-11-20T22:39:08.211

Windows Exe (x86-32)

dRICF1h0yTbqWsw9.exe

malicious

SHA256: 9d840b1bff6d74a4b366b2e46f42bbd71b5f64277e0f5463b763d8bcacbba7fb

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

3/5

All network connection attempts failed

2/5

Allows invalid SSL certificates

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Resolves API functions dynamically

1/5

Creates process with hidden window

Ransomware

kEeJHPmcoLHUHu4w.exe

2024-11-20T22:32:28.765

Windows Exe (x86-64)

kEeJHPmcoLHUHu4w.exe

malicious

SHA256: c77276ec6dd1928c6f3d03deeac5bc7b712612b3845adc049fe71770c529014b

VMRay Threat Identifiers

Severity

Operation

5/5

Cobalt Strike configuration was extracted

5/5

Malicious content matched by YARA rules

4/5

Malicious file detected via reputation

3/5

Suspicious content matched by YARA rules

1/5

Creates process with hidden window

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Creates mutex

1/5

Modifies operating system directory

1/5

A monitored process crashed

Hacktool

qNQG0OjpX6MQZKF8.exe

2024-11-20T22:30:48.018

Windows Exe (x86-32)

qNQG0OjpX6MQZKF8.exe

malicious

SHA256: 6f9276d58b34cee4d1d428b3220ac190e9dc863d3f448c1e94d697e6497a84dd

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

2/5

Allows invalid SSL certificates

1/5

Executes dropped PE file

1/5

Resolves API functions dynamically

1/5

Creates process with hidden window

1/5

Drops PE file

Ransomware