Threat Feed | Online Malware Sandbox

URL

https://www.5mp.eu/fajlok2/scba/index_www.5mp.eu_.html

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

4/5

Phishing page detected via Machine Learning

2/5

Page contains a branded logon form

2/5

Page uses exact same title as that of a popular online service

2/5

Branded Logon form detected via Computer Vision

1/5

Page presents itself as a logon page

1/5

Page uses exact branding image of a popular online service

1/5

Branding image detected via Computer Vision

1/5

Page secured via a Domain Validated SSL certificate

Phishing

https://updateaccountidentity.click

2026-02-26T20:41:51.709

URL

https://updateaccountidentity.click

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

4/5

Phishing page detected via Machine Learning

2/5

Branded Logon form detected via Computer Vision

1/5

URL contains a TLD highly associated with phishing

1/5

Branding image detected via Computer Vision

1/5

Page presents itself as a logon page

1/5

Page secured via a Domain Validated SSL certificate

Phishing

faturavivo_clinton.1970.externalmail@riocell.com.br.lnk

2026-02-26T20:41:49.558

Windows Batch File (Shell Link)

faturavivo_clinton.1970.externalmail@riocell.com.br.lnk

malicious

SHA256: 38f730890ebf54ca91dacf1821ddd6af7faaf58abb157b76339d8672b330dc74

VMRay Threat Identifiers

Severity

Operation

5/5

Sets up server that accepts incoming connections

4/5

Abuses MSHTA to execute code

4/5

Attempts to connect through HTTPS

3/5

Suspicious content matched by YARA rules

2/5

Searches for sensitive browser data

2/5

Performs DNS request

1/5

URL contains a TLD highly associated with phishing

1/5

Connects to remote host

1/5

Query OS Information

Backdoor

https://ipfs.io/ipfs/bafkreihxkhc3zqivf7yc4ii5no5a7wuzk7j3rqg25dvwt4w6k3gd7tgmyi/

2026-02-26T20:41:32.775

URL

https://ipfs.io/ipfs/bafkreihxkhc3zqivf7yc4ii5no5a7wuzk7j3rqg25dvwt4w6k3gd7tgmyi/

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Logon form is hosted on a static web hoster

5/5

Combination of other detections indicates a phishing website

4/5

Phishing page detected via Machine Learning

2/5

Page is served from a service commonly used for temporary hosting

2/5

Contains a mark of the web from a known service

1/5

Content matched by YARA rules

1/5

Page presents itself as a logon page

1/5

Page secured via a Domain Validated SSL certificate

1/5

Logon form detected via Computer Vision

Phishing

https://manageaccountupdateserverwepssecurelknmsdajknjofnojwauohk.kedarnathwagle.com.np/?yyy

2026-02-26T20:40:37.526

URL

https://manageaccountupdateserverwepssecurelknmsdajknjofnojwauohk.kedarnathwagle.com.np/?yyy

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

4/5

Phishing page detected via Machine Learning

2/5

Branded Logon form detected via Computer Vision

2/5

Page title matches the name of a popular online service

1/5

Page presents itself as a logon page

1/5

Branding image detected via Computer Vision

1/5

Page uses exact favicon of a popular online service

1/5

Page secured via a Domain Validated SSL certificate

Phishing