Threat Feed | Online Malware Sandbox

Linux ELF Executable (x86-64)

003af394126e6bb1b7fed7182a0a13d1ab81a5d23c56b9a3ead97090be8bfecd

malicious

SHA256: 003af394126e6bb1b7fed7182a0a13d1ab81a5d23c56b9a3ead97090be8bfecd

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

5/5

Mirai configuration was extracted

3/5

All network connection attempts failed

1/5

Connects to remote host

1/5

Tries to connect using an uncommon port

Bot

IbgeRTgPguxhyhlP.exe

2026-05-28T14:49:37.999

Windows Exe (x86-32)

IbgeRTgPguxhyhlP.exe

malicious

SHA256: 06ec46f6d1f609aeafb8e8f5be8d12f8874902661394ce04094249558237c29d

VMRay Threat Identifiers

Severity

Operation

5/5

GuLoader configuration was extracted

5/5

Malicious content matched by YARA rules

3/5

Makes unaligned API calls to possibly evade hooking based sandboxes

3/5

Modifies native system functions

3/5

All network connection attempts failed

2/5

Tries to detect virtual machine

2/5

Delays execution

1/5

Content matched by YARA rules

1/5

Creates a page with write and execute permissions

1/5

Accesses volumes directly

Downloader

file.exe

2026-05-28T14:44:48.680

Windows Exe (x86-64)

file.exe

malicious

SHA256: e14cb7f34407a042fc6a20aebd73d36b0d7a91a724872988ec08e7e4e39934a6

VMRay Threat Identifiers

Severity

Operation

5/5

Combination of other detections shows multiple input capture behaviors

5/5

Malicious content matched by YARA rules

4/5

Writes into the memory of another process

4/5

Modifies control flow of another process

4/5

Process Hollowing

3/5

Monitors keyboard input

2/5

Suspicious content matched by YARA rules

2/5

Schedules task

2/5

Reads network adapter information

2/5

Queries OS info via WMI

1/5

Resolves API functions dynamically

1/5

Drops PE file

1/5

Timestamp manipulation

1/5

Creates a page with write and execute permissions

1/5

Creates mutex

1/5

Query OS Information

1/5

Enables process privileges

1/5

Creates process with hidden window

1/5

Enumerates running processes

1/5

Performs DNS request

1/5

Connects to remote host

1/5

Tries to connect using an uncommon port

1/5

Content matched by YARA rules

Spyware

Injector

m9hKuNG1SkUiJoTc.exe

2026-05-28T14:43:37.680

Windows Exe (x86-32)

m9hKuNG1SkUiJoTc.exe

malicious

SHA256: 0459c020742f5356d25d14f2cd937ecee923a54402246dc521452a6c9b353119

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

5/5

GuLoader configuration was extracted

3/5

Tries to evade debugger

3/5

Modifies native system functions

3/5

Makes unaligned API calls to possibly evade hooking based sandboxes

2/5

Tries to detect virtual machine

1/5

Creates process with hidden window

1/5

Drops PE file

1/5

Unusual large memory allocation

1/5

Tries to detect debugger

1/5

Creates a page with write and execute permissions

1/5

Installs system startup script or application

1/5

Content matched by YARA rules

Downloader

https://supanetsupanetnetnetenet.weebly.com

2026-05-28T14:36:32.613

URL

https://supanetsupanetnetnetenet.weebly.com

malicious

SHA256:

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

4/5

Phishing page detected via Machine Learning

2/5

Page is served from a service commonly used for temporary hosting

1/5

Content matched by YARA rules

1/5

Communicates via JSON RPC protocol

1/5

Resource is loaded from a service commonly used for temporary hosting

1/5

Logon form detected via Computer Vision

Phishing