Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

MwPUC4x8VhJrfIDO.exe

malicious

SHA256: 60a5780598611c6c06ffb3b1a092080c0ffb096429c800c55b2c069e01e6c5b9

VMRay Threat Identifiers

Severity

Operation

4/5

Monitors clipboard content

4/5

Modifies Windows Defender configuration

3/5

Captures clipboard data

2/5

Sets up server that accepts incoming connections

2/5

Reads network adapter information

2/5

Delays execution

1/5

Unusual large memory allocation

1/5

Timestamp manipulation

1/5

Creates mutex

1/5

Creates process with hidden window

1/5

Modifies operating system directory

1/5

Accesses Microsoft Security Software registry keys

1/5

Installs system startup script or application

1/5

Executes dropped PE file

1/5

Performs DNS request

1/5

Connects to remote host

1/5

Content matched by YARA rules

1/5

Resolves API functions dynamically

1/5

Drops PE file

Keylogger

OYU0heK9jrpiGErd.exe

2026-06-07T16:39:46.306

Windows Exe (x86-32)

OYU0heK9jrpiGErd.exe

malicious

SHA256: 5df8601185ca823169e24b65733be9c3506ba33143f74789f30d51e2fb707b7c

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Tries to evade debugger

3/5

Modifies native system functions

2/5

Tries to detect kernel debugger

2/5

Tries to detect virtual machine

2/5

Makes direct system call to possibly evade hooking based monitoring

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Enumerates running processes

1/5

Tries to detect debugger

Trojan

WsoaytLxbKMA9Dhv.exe

2026-06-07T16:38:51.127

Windows Exe (x86-64)

WsoaytLxbKMA9Dhv.exe

malicious

SHA256: 14d009ca9f8cc2ecf240c95d5711ee87a144f24a95c0127003bffa347721fb20

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Modifies control flow of another process

4/5

Writes into the memory of another process

2/5

Delays execution

2/5

Deletes file after execution

1/5

Reads from memory of another process

1/5

Creates a page with write and execute permissions

1/5

Resolves API functions dynamically

1/5

A monitored process crashed

1/5

Creates mutex

1/5

Creates process with hidden window

1/5

Downloads executable

Downloader

Injector

2O3gipycact3Sp85.exe

2026-06-07T16:37:28.763

Windows Exe (x86-32)

2O3gipycact3Sp85.exe

malicious

SHA256: addffbaf576800d08d84ffa31f710ddd1d3580ddc05c514f6f87e189c1c1221e

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Allows invalid SSL certificates

2/5

Enables critical process privileges

1/5

Performs DNS request

1/5

Connects to remote host

1/5

URL contains a TLD highly associated with phishing

1/5

A monitored process crashed

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Installs system service

1/5

Enables process privileges

1/5

Enumerates running processes

1/5

Modifies operating system directory

1/5

Creates mutex

Ransomware

e21DQSshtLFS08Fw.exe

2026-06-07T16:34:51.721

Windows Exe (x86-32)

e21DQSshtLFS08Fw.exe

malicious

SHA256: d2d7ecc722791410c116dc1b29c8dd30b4510885033c000f9df0a6b1529f42ae

VMRay Threat Identifiers

Severity

Operation

5/5

Known malicious mutex name is created

2/5

Creates an unusually large number of processes

1/5

Drops PE file

1/5

The binary file was created with a packer

1/5

Executes dropped PE file

1/5

Installs system service

1/5

Modifies operating system directory

1/5

Modifies application directory

1/5

A monitored process crashed

Virus