Threat Feed
4TahNPrULyJChSTi.exe
2026-05-29T15:00:51.392
malicious
Windows Exe (x86-64)
SHA256:
f091301c12a4ceab8f724dd083c66f47f1365eca5f7b726686b4132093606185
VMRay Threat Identifiers
Severity | Operation
5/5 | Malicious content matched by YARA rules
5/5 | BlankGrabber configuration was extracted
2/5 | Signed executable failed signature validation
1/5 | Drops PE file
1/5 | Loads a dropped DLL
1/5 | Content matched by YARA rules
1/5 | Drops PE masquerading Filename
1/5 | Resolves API functions dynamically
1/5 | A monitored process crashed
Spyware
SecuriteInfo.com.Win64.MalwareX-gen.46438258.exe
2026-05-29T14:53:40.663
malicious
Windows Exe (x86-64)
SHA256:
eaa52e1968c4b8f8beb2fe508e9eea9beedd66964850e2383d2b56c5a3f98f51
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections shows configuration discovery
4/5 | Makes indirect system call to possibly evade hooking based monitoring
3/5 | Reads installed applications
3/5 | Tries to evade debugger
3/5 | Takes screenshot
3/5 | Suspicious content matched by YARA rules
3/5 | Tries to detect the presence of antivirus software
2/5 | Suspicious content matched by YARA rules
2/5 | Sends control codes to a driver
2/5 | Collects hardware properties
2/5 | Queries OS info via WMI
2/5 | Enumerates running processes
2/5 | Executes PowerShell without default profile
2/5 | Uses system binaries to initiate network connections
2/5 | Executes PowerShell with hidden window
2/5 | Schedules task
2/5 | Reads network adapter information
2/5 | Searches for sensitive application data
2/5 | Searches for sensitive mail data
2/5 | Delays execution
2/5 | Searches for sensitive browser data
1/5 | Enumerates running processes
1/5 | Reads from memory of another process
1/5 | Creates mutex
1/5 | Reads system data
1/5 | Creates process with hidden window
1/5 | Possibly does reconnaissance
1/5 | Performs DNS request
1/5 | Connects to remote host
1/5 | Downloads file
1/5 | URL contains a TLD highly associated with phishing
1/5 | Content matched by YARA rules
1/5 | Resolves API functions dynamically
1/5 | Downloads executable
1/5 | Reads mouse position
1/5 | Accesses Microsoft Security Software registry keys
1/5 | Accesses volumes directly
1/5 | Tries to detect debugger
1/5 | Creates a page with write and execute permissions
1/5 | Enables process privileges
1/5 | Unusual large memory allocation
Spyware
Downloader
SecuriteInfo.com.Win64.MalwareX-gen.77361669.exe
2026-05-29T14:52:40.491
malicious
Windows Exe (x86-64)
SHA256:
9ca2ebb826a8d0de58eea5a1afb5f6f76adb3938feef9604725508452b0a2e08
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections shows configuration discovery
4/5 | Makes indirect system call to possibly evade hooking based monitoring
3/5 | Takes screenshot
3/5 | Tries to detect the presence of antivirus software
3/5 | Reads installed applications
3/5 | Tries to evade debugger
3/5 | Suspicious content matched by YARA rules
2/5 | Sends control codes to a driver
2/5 | Collects hardware properties
2/5 | Queries OS info via WMI
2/5 | Executes PowerShell without default profile
2/5 | Enumerates running processes
2/5 | Signed executable failed signature validation
2/5 | Uses system binaries to initiate network connections
2/5 | Executes PowerShell with hidden window
2/5 | Schedules task
2/5 | Searches for sensitive mail data
2/5 | Delays execution
2/5 | Reads network adapter information
2/5 | Suspicious content matched by YARA rules
2/5 | Searches for sensitive browser data
1/5 | Creates mutex
1/5 | Reads system data
1/5 | Reads from memory of another process
1/5 | Creates process with hidden window
1/5 | Possibly does reconnaissance
1/5 | Performs DNS request
1/5 | Connects to remote host
1/5 | Downloads file
1/5 | URL contains a TLD highly associated with phishing
1/5 | Resolves API functions dynamically
1/5 | Drops PE file
1/5 | Timestamp manipulation
1/5 | Downloads executable
1/5 | Reads mouse position
1/5 | Tries to detect debugger
1/5 | Accesses Microsoft Security Software registry keys
1/5 | Accesses volumes directly
1/5 | Creates a page with write and execute permissions
1/5 | Enables process privileges
1/5 | Enumerates running processes
1/5 | Unusual large memory allocation
Spyware
Downloader
SecuriteInfo.com.Win64.MalwareX-gen.82596579.exe
2026-05-29T14:52:37.909
malicious
Windows Exe (x86-64)
SHA256:
2f04e1e48d9db645118b69c7d55dfe2b3a21a12f7ecd70bcb26840b73557784d
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections shows configuration discovery
4/5 | Makes indirect system call to possibly evade hooking based monitoring
3/5 | Suspicious content matched by YARA rules
3/5 | Tries to evade debugger
3/5 | Reads installed applications
3/5 | Takes screenshot
3/5 | Tries to detect the presence of antivirus software
2/5 | Executes PowerShell without default profile
2/5 | Signed executable failed signature validation
2/5 | Collects hardware properties
2/5 | Queries OS info via WMI
2/5 | Executes PowerShell with hidden window
2/5 | Enumerates running processes
2/5 | Schedules task
2/5 | Uses system binaries to initiate network connections
2/5 | Searches for sensitive mail data
2/5 | Suspicious content matched by YARA rules
2/5 | Reads network adapter information
2/5 | Searches for sensitive browser data
2/5 | Delays execution
2/5 | Sends control codes to a driver
1/5 | Unusual large memory allocation
1/5 | Creates mutex
1/5 | Reads system data
1/5 | Reads from memory of another process
1/5 | Possibly does reconnaissance
1/5 | Creates process with hidden window
1/5 | Performs DNS request
1/5 | Connects to remote host
1/5 | Downloads file
1/5 | URL contains a TLD highly associated with phishing
1/5 | Content matched by YARA rules
1/5 | Resolves API functions dynamically
1/5 | Drops PE file
1/5 | Timestamp manipulation
1/5 | Downloads executable
1/5 | Reads mouse position
1/5 | Tries to detect debugger
1/5 | Accesses Microsoft Security Software registry keys
1/5 | Accesses volumes directly
1/5 | Enumerates running processes
1/5 | Creates a page with write and execute permissions
1/5 | Enables process privileges
Spyware
Downloader
SecuriteInfo.com.Win64.MalwareX-gen.45267131.exe
2026-05-29T14:52:22.166
malicious
Windows Exe (x86-64)
SHA256:
ead52049a68c24e8538cd7763e59414f4b6561d458fab3bafd719543ce037025
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections shows configuration discovery
4/5 | Makes indirect system call to possibly evade hooking based monitoring
3/5 | Reads installed applications
3/5 | Takes screenshot
3/5 | Tries to evade debugger
3/5 | Suspicious content matched by YARA rules
3/5 | Tries to detect the presence of antivirus software
2/5 | Searches for sensitive mail data
2/5 | Delays execution
2/5 | Searches for sensitive browser data
2/5 | Sends control codes to a driver
2/5 | Suspicious content matched by YARA rules
2/5 | Executes PowerShell without default profile
2/5 | Signed executable failed signature validation
2/5 | Executes PowerShell with hidden window
2/5 | Uses system binaries to initiate network connections
2/5 | Schedules task
2/5 | Reads network adapter information
2/5 | Searches for sensitive application data
2/5 | Collects hardware properties
2/5 | Queries OS info via WMI
2/5 | Enumerates running processes
1/5 | Tries to detect debugger
1/5 | Creates a page with write and execute permissions
1/5 | Enumerates running processes
1/5 | Creates mutex
1/5 | Timestamp manipulation
1/5 | Creates process with hidden window
1/5 | Downloads executable
1/5 | Reads from memory of another process
1/5 | Enables process privileges
1/5 | Reads system data
1/5 | Accesses Microsoft Security Software registry keys
1/5 | Performs DNS request
1/5 | Connects to remote host
1/5 | Downloads file
1/5 | URL contains a TLD highly associated with phishing
1/5 | Content matched by YARA rules
1/5 | Accesses volumes directly
1/5 | Unusual large memory allocation
1/5 | Resolves API functions dynamically
1/5 | Possibly does reconnaissance
1/5 | Drops PE file
1/5 | Reads mouse position
Spyware
Downloader