Threat Feed
Dh0CbcmOCzrizJjZ.exe
2026-07-10T16:15:22.849
malicious
Windows Exe (x86-32)
Close
Dh0CbcmOCzrizJjZ.exe
malicious
SHA256:
76d09603b6280d22dcd73e00a87210a9b24273f93074031fd6a7134559544eae
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
4/5
Creates a new process masquerading as a system process
2/5
Executes dropped PE masquerading Filename
2/5
Reads network adapter information
2/5
Schedules task
2/5
Creates an unusually large number of processes
2/5
Collects hardware properties
1/5
Modifies application directory
1/5
Executes dropped PE file
1/5
Drops PE masquerading Filename
1/5
Modifies operating system directory
1/5
Writes an unusually large amount of data to the registry
1/5
Creates process with hidden window
1/5
Query OS Information
1/5
Enables process privileges
1/5
Possibly does reconnaissance
1/5
Performs DNS request
1/5
Queries system time
1/5
Connects to remote host
1/5
Creates mutex
1/5
Checks external IP address
1/5
Content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
Enumerates running processes
1/5
Drops PE file
Backdoor
twGb6iKYY5HZVc3R.exe
2026-07-10T16:15:07.031
malicious
Windows Exe (x86-32)
Close
twGb6iKYY5HZVc3R.exe
malicious
SHA256:
fc9a836e7b4f328e7c00237fc2b3c4f1dd22707a000d9eed45bbe770030bf048
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
2/5
Delays execution
2/5
Suspicious content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
Drops PE file
1/5
Queries system time
1/5
The binary file was created with a packer
1/5
Performs DNS request
1/5
Connects to remote host
Trojan
Worm
bjPx4UnGbTBJlY1G.exe
2026-07-10T16:13:50.576
malicious
Windows Exe (x86-32)
Close
bjPx4UnGbTBJlY1G.exe
malicious
SHA256:
16884a76771debab63be23c8a89cf9a7bb8175af542817dc44a9e1936daa7dff
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
Creates a page with write and execute permissions
1/5
Creates mutex
1/5
Enables process privileges
1/5
Modifies operating system directory
1/5
Queries system time
Virus
h6YmcwE188Zg6thq.exe
2026-07-10T16:11:29.132
malicious
Windows Exe (x86-32)
Close
h6YmcwE188Zg6thq.exe
malicious
SHA256:
c49d3f28a77820a09fad38fb6217c15facd92fae2388fb1ba6a7ec749888a302
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
3/5
All network connection attempts failed
3/5
Suspicious content matched by YARA rules
2/5
Hides files
2/5
Deletes file after execution
2/5
Signed executable failed signature validation
1/5
Drops PE file
1/5
Executes dropped PE file
1/5
Queries system time
1/5
Possibly does reconnaissance
1/5
Modifies application directory
1/5
Creates mutex
1/5
Content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
A monitored process crashed
Hacktool
uO5C1SrcK0nzuqKb.exe
2026-07-10T16:09:59.175
malicious
Windows Exe (x86-32)
Close
uO5C1SrcK0nzuqKb.exe
malicious
SHA256:
e8a5705c3284a9a4eab9e9a8249226f3c658e80a8697de9f25b9ff24f4755d65
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
4/5
Process Hollowing
4/5
Writes into the memory of another process
4/5
Modifies control flow of another process
3/5
Monitors keyboard input
3/5
All network connection attempts failed
2/5
Searches for sensitive browser data
2/5
Reads sensitive browser data
2/5
Searches for sensitive FTP data
2/5
Searches for sensitive application data
2/5
Deletes file after execution
2/5
Schedules task
2/5
Creates an unusually large number of processes
2/5
Delays execution
2/5
Uses Alternate Data Stream (ADS) file attributes
2/5
Searches for sensitive mail data
1/5
Possibly does reconnaissance
1/5
Queries system time
1/5
Tries to detect debugger
1/5
Performs DNS request
1/5
Content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
Drops PE file
1/5
Creates process with hidden window
1/5
Executes dropped PE file
1/5
Creates mutex
1/5
Installs system startup script or application
1/5
Enables process privileges
1/5
Monitors mouse movements and clicks
1/5
Reads mouse position
1/5
Reads from memory of another process
1/5
Creates a page with write and execute permissions
1/5
Enumerates running processes
1/5
Query OS Information
Spyware
Injector