Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

2kXWvlr6TosB7Hz6.exe

malicious

SHA256: f8f22e62ab7475853a773b011af7482488a73370e5123b55fbb402219d85e59e

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

5/5

GCleaner configuration was extracted

3/5

Monitors user input

3/5

All network connection attempts failed

2/5

Delays execution

1/5

Resolves API functions dynamically

Downloader

HFF1Lt5MgwK9VHlf.exe

2026-06-21T16:57:44.266

Windows Exe (x86-64)

HFF1Lt5MgwK9VHlf.exe

malicious

SHA256: 85d1fb28b3e7acee663f40421936fbafdf4b7d432a658e1886a3a29d6bc2a0f0

VMRay Threat Identifiers

Severity

Operation

5/5

Known malicious mutex name is created

5/5

Malicious content matched by YARA rules

5/5

XWorm configuration was extracted

3/5

Redirect program startups

2/5

Signed executable failed signature validation

2/5

Reads network adapter information

2/5

Creates a new process from a system binary

1/5

Drops PE file

1/5

Executes dropped PE file

1/5

Creates process with hidden window

1/5

Accesses volumes directly

1/5

Enables process privileges

1/5

Modifies application directory

1/5

Query OS Information

1/5

Installs system startup script or application

1/5

Performs DNS request

1/5

Connects to remote host

Spyware

TFJFj3yxepEXJZTN.exe

2026-06-21T16:53:38.791

Windows Exe (x86-32)

TFJFj3yxepEXJZTN.exe

malicious

SHA256: 0549dca2e291e88102e449bf0cd624b7a2cb0c005b73797a3c5a5dfb764243ab

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Suspicious content matched by YARA rules

3/5

All network connection attempts failed

2/5

Signed executable failed signature validation

2/5

Deletes file after execution

2/5

Hides files

1/5

Creates mutex

1/5

Modifies application directory

1/5

Resolves API functions dynamically

1/5

Drops PE file

1/5

Executes dropped PE file

Hacktool

OfLoFZoWHLWM57wo.exe

2026-06-21T16:52:43.548

Windows Exe (x86-32)

OfLoFZoWHLWM57wo.exe

malicious

SHA256: 4560705eb92a48e74387488b3ec4b723d414d73be0322751654ae157804d9f6f

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Tries to evade debugger

2/5

Hides files

2/5

Tries to detect virtual machine

1/5

Executes dropped PE file

1/5

Detects filename manipulation

1/5

Obfuscates control flow

1/5

Tries to detect debugger

1/5

Drops PE file

Trojan

YSRjVRnVxVCBvxdz.exe

2026-06-21T16:51:58.933

Windows Exe (x86-32)

YSRjVRnVxVCBvxdz.exe

malicious

SHA256: 1497d552440ca53fd144c2b5e06bfcae4547d8f5baa1e11ce6614853ff6030bb

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Allows invalid SSL certificates

1/5

Creates process with hidden window

1/5

Creates a page with write and execute permissions

1/5

Resolves API functions dynamically

1/5

Drops PE file

1/5

Executes dropped PE file

Ransomware