Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

03ZCLx4aYQDrsije.exe

malicious

SHA256: fc967370dc277d77004c59e6f019167ce9fd3fa8e80dae9d2e7124ec7046a7c3

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Allows invalid SSL certificates

2/5

Enables critical process privileges

1/5

Connects to remote host

1/5

A monitored process crashed

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Installs system service

1/5

Enables process privileges

1/5

Enumerates running processes

1/5

Modifies operating system directory

1/5

Creates mutex

Ransomware

GhlwnpwObkBEpuUX.exe

2026-02-18T20:40:21.377

Windows Exe (x86-32)

GhlwnpwObkBEpuUX.exe

malicious

SHA256: c7f73e86a1a864f210c5ef4701a4d36e9128430da7f48cf98656fc4610c1c2ff

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Accesses physical drive

2/5

Deletes file after execution

2/5

Sends control codes to a driver

2/5

Delays execution

2/5

Tries to detect virtual machine

2/5

Hides files

1/5

Resolves API functions dynamically

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Enumerates running processes

1/5

Query CPU Properties

1/5

Performs DNS request

1/5

Creates mutex

1/5

Enables process privileges

1/5

Modifies application directory

1/5

Creates process with hidden window

1/5

Tries to connect using an uncommon port

Evn89Zh8VfQyN77w.exe

2026-02-18T20:39:04.442

Windows Exe (x86-32)

Evn89Zh8VfQyN77w.exe

malicious

SHA256: 1973163d16eeff28ccb293729dd9634df4b8e1bd704abd12bff1fe9b7d507648

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Modifies native system functions

3/5

Tries to evade debugger

2/5

Makes direct system call to possibly evade hooking based monitoring

2/5

Tries to detect kernel debugger

2/5

Tries to detect virtual machine

1/5

Executes dropped PE file

1/5

Enumerates running processes

1/5

Creates process with hidden window

1/5

Drops PE file

1/5

Tries to detect debugger

Trojan

KHthtVrz6HutKIn5.exe

2026-02-18T20:38:27.586

Windows Exe (x86-32)

KHthtVrz6HutKIn5.exe

malicious

SHA256: 5de08c560e32a17d283540289f7bc3de7c04a72cc6d99d5b9e31f5cfd6fafb36

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

5/5

Known malicious mutex name is created

2/5

Deletes file after execution

2/5

Delays execution

1/5

Modifies operating system directory

1/5

Executes dropped PE file

1/5

Drops PE file

1/5

Installs system startup script or application

1/5

Creates process with hidden window

1/5

Resolves API functions dynamically

Spyware

Trojan

JQb0YND08bh5tiyW.exe

2026-02-18T20:35:25.564

Windows Exe (x86-32)

JQb0YND08bh5tiyW.exe

malicious

SHA256: d6c5270376cb5647c244a146d293d7928e0a48837d15381c21ebe3eae6c0d35b

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

5/5

Known malicious mutex name is created

2/5

Deletes file after execution

2/5

Delays execution

2/5

Suspicious content matched by YARA rules

1/5

Executes dropped PE file

1/5

Installs system startup script or application

1/5

Creates process with hidden window

1/5

Drops PE file

1/5

Modifies operating system directory

Spyware

Trojan