Threat Feed
AKL23jNtxecQRbsm.exe
2026-05-23T17:45:38.696
malicious
Windows Exe (x86-32)
SHA256: d2c78ec350cdbd3fed9d60fdae4771e549ac75960d9d4b91a9bfa1d35844b20a
VMRay Threat Identifiers
Severity  Operation
5/5       Known malicious mutex name is created
5/5       Malicious content matched by YARA rules
3/5       Redirect program startups
2/5       Searches for sensitive remote access configuration data
2/5       Searches for sensitive password manager data
2/5       Searches for sensitive application data
2/5       Searches for sensitive mail data
2/5       Searches for sensitive browser data
2/5       Signed executable failed signature validation
1/5       Unusual large memory allocation
1/5       Resolves API functions dynamically
1/5       Drops PE file
1/5       Modifies application directory
1/5       Executes dropped PE file
1/5       Timestamp manipulation
1/5       Modifies operating system directory
Virus
JA6ESKn8wYyTwtM2.exe
2026-05-23T17:45:22.489
malicious
Windows Exe (x86-64)
SHA256: ff688577207a52654d618460a069f50432bfe37df7b3abf70a45c74457c31f2b
VMRay Threat Identifiers
Severity  Operation
5/5       Malicious content matched by YARA rules
3/5       Uses HTTP to upload a large amount of data
2/5       Searches for sensitive password manager data
2/5       Creates an unusually large number of processes
2/5       Sends control codes to a driver
2/5       Sets up server that accepts incoming connections
2/5       Delays execution
2/5       Makes direct system call to possibly evade hooking based monitoring
2/5       Searches for sensitive application data
2/5       Enables critical process privileges
2/5       Searches for sensitive remote access configuration data
1/5       A monitored process crashed
1/5       Creates mutex
1/5       Modifies operating system directory
1/5       Installs system service
1/5       Enables process privileges
1/5       Modifies application directory
1/5       Accesses volumes directly
1/5       Enumerates running processes
1/5       Performs DNS request
1/5       Resolves API functions dynamically
1/5       Creates a page with write and execute permissions
Virus
XY4fSSuASzEPjyWm.exe
2026-05-23T17:44:43.445
malicious
Windows Exe (x86-32)
SHA256: 8ea9f431a598520fb05109fb7f5c01b32e14ef227ed7129a8c860fb583aec1f5
VMRay Threat Identifiers
Severity  Operation
5/5       Malicious content matched by YARA rules
3/5       Creates file(s) in the .NET assembly directory to hide them from Windows Explorer
1/5       Modifies operating system directory
1/5       Drops PE file
1/5       Creates process with hidden window
1/5       Drops PE masquerading Filename
1/5       Tries to detect debugger
1/5       Creates a page with write and execute permissions
1/5       Possibly does reconnaissance
1/5       Timestamp manipulation
1/5       Modifies application directory
xiqb0noz355Bh2ud.exe
2026-05-23T17:44:30.741
malicious
Windows Exe (x86-32)
SHA256: 78698e1af7c71267b2d2f459d6a4d6b481ee6c1b01cb604273a5cd3cb40e6157
VMRay Threat Identifiers
Severity  Operation
5/5       Malicious content matched by YARA rules
2/5       Searches for sensitive browser data
2/5       Hides files
1/5       Modifies operating system directory
1/5       Content matched by YARA rules
1/5       Resolves API functions dynamically
1/5       Creates an unusually large number of files
1/5       Creates a page with write and execute permissions
1/5       Drops PE file
1/5       Modifies application directory
1/5       Possibly does reconnaissance
Virus
gc9D1ajPITEMc21L.exe
2026-05-23T17:40:01.988
malicious
Windows Exe (x86-32)
SHA256: 1d6fcf273826cd5d8d1242f5fbd5984252ea3a26d9f88efb37dee6d9e2ecd4ea
VMRay Threat Identifiers
Severity  Operation
5/5       Malicious content matched by YARA rules
1/5       Modifies application directory
1/5       Tries to detect debugger
1/5       Creates a page with write and execute permissions
1/5       Possibly does reconnaissance
1/5       Drops PE file
1/5       Creates process with hidden window
1/5       Timestamp manipulation