Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

ywN7ZRVxafL7Wo1m.exe

malicious

SHA256: 3ed2bf9d247bfb4c41a0566e25d9e31bd8507af224824bcfe0dd01a4139b8db2

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious file detected via reputation

3/5

Reads network configuration

2/5

Deletes file after execution

2/5

Sends control codes to a driver

2/5

Accesses physical drive

1/5

Drops PE file

1/5

Overwrites code

1/5

Resolves API functions dynamically

1/5

Executes dropped PE file

1/5

A monitored process crashed

1/5

Creates mutex

Hacktool

G5NW8TTWbyYGaxWc.exe

2025-04-03T00:45:44.904

Windows Exe (x86-32)

G5NW8TTWbyYGaxWc.exe

malicious

SHA256: 4550696e6e67e66e34d2785a7b81dc728dd59d87b86a3dc77d311ba3858280d5

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

2/5

Allows invalid SSL certificates

1/5

Creates a page with write and execute permissions

1/5

Executes dropped PE file

1/5

Creates process with hidden window

1/5

Resolves API functions dynamically

1/5

Drops PE file

Ransomware

Virus

7fq0PwBJkR1rhpBD.exe

2025-04-03T00:45:02.391

Windows Exe (x86-32)

7fq0PwBJkR1rhpBD.exe

malicious

SHA256: 3a35de450f89eb21217d0a52df01dc796fd43bf5fb02c479d6b7b8503327209f

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious file detected via reputation

2/5

Allows invalid SSL certificates

1/5

Creates process with hidden window

1/5

Creates a page with write and execute permissions

1/5

Executes dropped PE file

1/5

Resolves API functions dynamically

1/5

Drops PE file

Ransomware

VOfpw7V8TXrUEViI.exe

2025-04-03T00:44:35.514

Windows Exe (x86-32)

VOfpw7V8TXrUEViI.exe

malicious

SHA256: fa59119030b7d7291f97ea16728f592d3e2ea1aab62172e0b57a60db818ea082

VMRay Threat Identifiers

Severity

Operation

5/5

QuasarRAT configuration was extracted

5/5

Malicious content matched by YARA rules

4/5

Malicious file detected via reputation

4/5

Modifies control flow of another process

4/5

Writes into the memory of another process

2/5

Accesses physical drive

2/5

Sends control codes to a driver

1/5

Creates process with hidden window

1/5

Resolves API functions dynamically

1/5

Reads from memory of another process

1/5

Creates a page with write and execute permissions

Backdoor

Injector

FYQbZNssjFtjWVUC.exe

2025-04-03T00:44:19.988

Windows Exe (x86-32)

FYQbZNssjFtjWVUC.exe

malicious

SHA256: 065bffbd67a1d7fb4785254adf361039921dec9bca93a7db46d5a27976e7cf39

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Malicious host or URL detected via reputation

4/5

Malicious file detected via reputation

2/5

Allows invalid SSL certificates

1/5

Creates a page with write and execute permissions

1/5

Executes dropped PE file

1/5

Creates process with hidden window

1/5

Resolves API functions dynamically

1/5

Drops PE file

Ransomware