Threat Feed | Online Malware Sandbox

HTML Document

gXdmORvKhNxOCdwX.html

malicious

SHA256: bc2c37a1cd09f936efda4bbff56870ed9b5a67540b09de6f05f4a3880fa99458

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

2/5

The HTML file contains logon form

2/5

Branded Logon form detected via Computer Vision

2/5

Page uses exact same title as that of a popular online service

1/5

Branding image detected via Computer Vision

1/5

Page presents itself as a logon page

Phishing

TNcKHRWempNcGSPu.exe

2026-04-29T10:06:53.005

Windows Exe (x86-32)

Backdoor

1571b85ea8ead1e967eb89105389d22b99d1f7ee0b08a5accbc6b8779537d580.exe

2026-04-29T10:00:30.519

Windows Exe (x86-32)

Spyware

Backdoor

Injector

tmpCF0E.html

2026-04-29T09:50:27.917

HTML Document

tmpCF0E.html

malicious

SHA256: 4a474e4484b33eb17a4fc65f3f61d3c1b16f01f65f20892fbdca6dfe6e2ef0d5

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections indicates a phishing website

3/5

Sends data via a Telegram bot

2/5

The HTML file contains logon form

1/5

Logon form detected via Computer Vision

1/5

Page presents itself as a logon page

1/5

Page contains clickables with luring keywords

Phishing