Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

QdIbRHUhhuQEsbmN.exe

malicious

SHA256: bbd02ff59317e5b9fedf855a5bb8f1b025bfe351f57fee8671fa339b5307dee9

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Hides files

2/5

Searches for sensitive browser data

1/5

Modifies operating system directory

1/5

Content matched by YARA rules

1/5

Obfuscates control flow

1/5

Resolves API functions dynamically

1/5

Creates an unusually large number of files

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

Virus

GJdMNIcY4vCCR8w2.exe

2026-04-20T08:46:27.128

Windows Exe (x86-32)

GJdMNIcY4vCCR8w2.exe

malicious

SHA256: 39f9c089136a6163f386446fc5d6400d5e59515b1d010ad6f33bcac816298898

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Hides files

2/5

Searches for sensitive browser data

1/5

Modifies operating system directory

1/5

Content matched by YARA rules

1/5

Obfuscates control flow

1/5

Resolves API functions dynamically

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

Virus

TuXHPV8dyjNSYOu6.exe

2026-04-20T08:41:29.675

Windows Exe (x86-32)

TuXHPV8dyjNSYOu6.exe

malicious

SHA256: df881bef1a81610b25b1ebb5ec7dd2f1251deb0c6147e46eef56a53816f10af2

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Creates a new process from a system binary

2/5

Deletes file after execution

2/5

Creates an unusually large number of processes

2/5

Accesses physical drive

2/5

Sends control codes to a driver

2/5

Reads network adapter information

1/5

Drops PE file

1/5

Modifies application directory

1/5

Executes dropped PE file

1/5

Creates process with hidden window

1/5

Enumerates running processes

1/5

Tries to detect debugger

1/5

Creates a page with write and execute permissions

1/5

Downloads file

1/5

Content matched by YARA rules

Trojan

w8jLsqmF3kE5CQ6h.exe

2026-04-20T08:41:12.723

Windows Exe (x86-32)

w8jLsqmF3kE5CQ6h.exe

malicious

SHA256: 1fa0689817edee34b6bd5ef90f2c34b9b9261687891052cf59cb28e7e535e689

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Creates file(s) in the .NET assembly directory to hide them from Windows Explorer

2/5

Hides files

2/5

Searches for sensitive browser data

1/5

Obfuscates control flow

1/5

Resolves API functions dynamically

1/5

Creates an unusually large number of files

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

1/5

Modifies operating system directory

Virus

NV0MVUTHlYEa9k7g.exe

2026-04-20T08:39:55.791

Windows Exe (x86-32)

NV0MVUTHlYEa9k7g.exe

malicious

SHA256: df90ec2eb1071466fcac57afe934b10124c2aae2f32cc74a2033d75b2b746f05

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Creates file(s) in the .NET assembly directory to hide them from Windows Explorer

2/5

Searches for sensitive browser data

2/5

Hides files

1/5

Resolves API functions dynamically

1/5

Creates an unusually large number of files

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

1/5

Modifies operating system directory

Virus