Threat Feed | Online Malware Sandbox

Windows Exe (x86-32)

RxeuJ1fTYdElpDEx.exe

malicious

SHA256: 07c876c32aabf0b197bbbe5705dca5839a56736f3c995dcddf085cbcdca6060d

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Hides files

1/5

Content matched by YARA rules

1/5

Resolves API functions dynamically

1/5

Drops PE file

1/5

Creates a page with write and execute permissions

1/5

Possibly does reconnaissance

1/5

Modifies application directory

Virus

arsSvt7qOa77eq54.exe

2026-04-03T17:57:23.628

Windows Exe (x86-32)

arsSvt7qOa77eq54.exe

malicious

SHA256: 22212fc665b4b48370967417a0bcc668d18c473d1ac4dda900232aada58df7d0

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Hides files

2/5

Disables a system tool

1/5

Modifies operating system directory

1/5

Creates a page with write and execute permissions

1/5

Resolves API functions dynamically

1/5

Creates an unusually large number of files

1/5

Drops PE file

1/5

Content matched by YARA rules

1/5

Modifies application directory

1/5

Possibly does reconnaissance

Virus

lqSBFODMp56ApmQK.exe

2026-04-03T17:57:01.912

Windows Exe (x86-32)

lqSBFODMp56ApmQK.exe

malicious

SHA256: 2e0cc08ed74639dcb985037dce3b641970034022b81dd47e0f6a321b9dcf633e

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

2/5

Hides files

2/5

Searches for sensitive browser data

1/5

Modifies operating system directory

1/5

Content matched by YARA rules

1/5

Obfuscates control flow

1/5

Resolves API functions dynamically

1/5

Creates an unusually large number of files

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

Virus

7eBU9R51eQ6KdRR4.exe

2026-04-03T17:56:52.046

Windows Exe (x86-32)

7eBU9R51eQ6KdRR4.exe

malicious

SHA256: bc42ca50854d3bd0983d95f64fa1d46a629c83e1e18b24e60e3cc4cc5d1485bf

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Creates file(s) in the .NET assembly directory to hide them from Windows Explorer

2/5

Hides files

2/5

Searches for sensitive browser data

1/5

Resolves API functions dynamically

1/5

Creates a page with write and execute permissions

1/5

Drops PE file

1/5

Modifies application directory

1/5

Possibly does reconnaissance

1/5

Modifies operating system directory

Virus

P9dF8812DHlZHxl1.exe

2026-04-03T17:56:17.409

Windows Exe (x86-32)

P9dF8812DHlZHxl1.exe

malicious

SHA256: 27581dab92bdef95d29596a4fffa58b5d0d3eb1599b2edb4139738769a6cd333

VMRay Threat Identifiers

Severity

Operation

5/5

Malicious content matched by YARA rules

3/5

Tries to evade debugger

2/5

Hides files

2/5

Tries to detect virtual machine

1/5

Executes dropped PE file

1/5

Drops PE file

1/5

Obfuscates control flow

1/5

Detects filename manipulation

1/5

Tries to detect debugger

Trojan