Threat Feed
0MhdwTguMvdtBLQP.exe
2026-07-12T19:47:43.438
malicious
Windows Exe (x86-32)
Close
0MhdwTguMvdtBLQP.exe
malicious
SHA256:
320d43678c9b78ea6754a4783890a33a688d3347b60ff7a7711e0aa9c02f7d7a
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
1/5
Query OS Information
1/5
Resolves API functions dynamically
1/5
Queries system time
1/5
Detects filename manipulation
1/5
Creates mutex
1/5
Enables process privileges
1/5
Creates a page with write and execute permissions
1/5
Modifies operating system directory
Virus
gHTPytv8tD1K6ug6.exe
2026-07-12T19:41:13.792
malicious
Windows Exe (x86-32)
Close
gHTPytv8tD1K6ug6.exe
malicious
SHA256:
93ff39f857a3aed39d99c46ed383a94aa52173c6d0b5ba7313e8308f27c35e72
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
3/5
All network connection attempts failed
2/5
Allows invalid SSL certificates
1/5
Executes dropped PE file
1/5
Creates a page with write and execute permissions
1/5
Creates process with hidden window
1/5
Resolves API functions dynamically
1/5
Drops PE file
Ransomware
LFt9yiIBwpK4uTSz.exe
2026-07-12T19:40:30.896
malicious
Windows Exe (x86-32)
Close
LFt9yiIBwpK4uTSz.exe
malicious
SHA256:
9c089db1753ab11c9760d9e6b3c6cff034e3452d41583870987c48c51c1693ff
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
3/5
Tries to evade debugger
3/5
Modifies native system functions
2/5
Tries to detect kernel debugger
2/5
Tries to detect virtual machine
2/5
Makes direct system call to possibly evade hooking based monitoring
1/5
Queries system time
1/5
Drops PE file
1/5
Executes dropped PE file
1/5
Enumerates running processes
1/5
Tries to detect debugger
Trojan
IAkvqxBSyWYYT2kz.exe
2026-07-12T19:40:11.421
malicious
Windows Exe (x86-32)
Close
IAkvqxBSyWYYT2kz.exe
malicious
SHA256:
2757e0b0aa4072618ea3783e7b08f413c88ff560698b6780290d8e6dd6b84353
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Makes indirect system calls to hide process injection
5/5
Malicious content matched by YARA rules
4/5
Makes indirect system call to possibly evade hooking based monitoring
3/5
Executes code with kernel privileges
3/5
Tries to evade debugger
3/5
Modifies native system functions
2/5
Creates an unusually large number of processes
2/5
Sends control codes to a driver
2/5
Suspicious content matched by YARA rules
2/5
Searches for sensitive browser data
2/5
Delays execution
2/5
Sets up server that accepts incoming connections
1/5
Drops PE file
1/5
Loads a dropped DLL
1/5
Executes dropped PE file
1/5
Creates a page with write and execute permissions
1/5
Accesses volumes directly
1/5
Modifies operating system directory
1/5
Queries system time
1/5
Enumerates running processes
1/5
Masquerades file extension
1/5
Creates process with hidden window
1/5
Installs kernel driver
1/5
Installs system service
1/5
Performs DNS request
1/5
Connects to remote host
1/5
Tries to connect using an uncommon port
1/5
Content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
Overwrites code
1/5
Possibly does reconnaissance
Trojan
Injector
0DfSI5l7Z4y9Tj85.exe
2026-07-12T19:39:35.709
malicious
Windows Exe (x86-32)
Close
0DfSI5l7Z4y9Tj85.exe
malicious
SHA256:
bbb54af02a8be1ff0739cdeedeb0ecd4c0b1c55c1a13b1f56679f55c3e622809
VMRay Threat Identifiers
Close
Severity
Operation
5/5
Malicious content matched by YARA rules
3/5
Suspicious content matched by YARA rules
3/5
All network connection attempts failed
2/5
Hides files
2/5
Signed executable failed signature validation
2/5
Deletes file after execution
1/5
Drops PE file
1/5
Executes dropped PE file
1/5
Queries system time
1/5
Creates mutex
1/5
Modifies application directory
1/5
Possibly does reconnaissance
1/5
Content matched by YARA rules
1/5
Resolves API functions dynamically
1/5
A monitored process crashed
Hacktool