ThreatFeed
Technology
VMRay DeepResponse
Resources
Try VMRay
Threat Feed
Filter by Classification
Adware
Backdoor
Banker
Banking Trojan
Bot
Crypter
Crypter
Dialer
Downloader
Dropper
Eicar
EICAR
Exploit
Hacktool
HackTool
Injector
Jigsaw
Keylogger
Miner
Phishing
POS
Pua
PUA
Ransomware
RAT
Remote Access Trojan
Rootkit
Skylock
Spyware
Stealer
Trojan
Virus
Wiper
Worm
Xorist
Filter by Sample Type
Apple Script
Excel Document
HTML Application
HTML Application (Shell Link)
HTML Document
Java Archive
Java Class
JScript
Linux ELF Executable (x86-64)
macOS App
macOS Executable
Microsoft Access Database
Microsoft Publisher Document
MSI Setup
PDF Document
Powerpoint Document
PowerShell Script
PowerShell Script (Shell Link)
Python Script
RTF Document
Shell Script
URL
VBScript
Windows ActiveX Control (x86-32)
Windows ActiveX Control (x86-64)
Windows Batch File
Windows Batch File (Shell Link)
Windows DLL (x86-32)
Windows DLL (x86-64)
Windows Driver (x86-32)
Windows Driver (x86-64)
Windows Exe (x86-32)
Windows Exe (x86-64)
Windows Help File
Windows Script File
Word Document
Search
1
2
516597
>
http://www.5mp.eu/fajlok2/igacpt/index_www.5mp.eu_.html
2026-06-09T06:07:18.897
malicious
URL
Details
Close
http://www.5mp.eu/fajlok2/igacpt/index_www.5mp.eu_.html
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Combination of other detections indicates a phishing website
4/5
Phishing page detected via Machine Learning
2/5
Unsecured data
2/5
Page uses exact same title as that of a popular online service
2/5
Page contains a branded logon form
2/5
Branded Logon form detected via Computer Vision
1/5
Page presents itself as a logon page
1/5
Branding image detected via Computer Vision
1/5
Page uses exact branding image of a popular online service
1/5
Page contains a form with unusual text spacing
Full Report
Close
Phishing
Full Report
https://pfpchdfbngkdyvit6s2nqwqv556xvnlwvfflgktdudux4qmfhzpa.exnihilio.dnshome.de/eV4jjKFplDxVE_S02FoV7316tXapSrMqY6DpfkGFPl4
2026-06-09T06:06:38.631
malicious
URL
Details
Close
https://pfpchdfbngkdyvit6s2nqwqv556xvnlwvfflgktdudux4qmfhzpa.exnihilio.dnshome.de/eV4jjKFplDxVE_S02FoV7316tXapSrMqY6DpfkGFPl4
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
TelegramPhishkit configuration was extracted
5/5
Combination of other detections indicates a phishing website
5/5
Malicious content matched by YARA rules
4/5
Malicious content matched by YARA rules
4/5
Phishing page detected via Machine Learning
3/5
Sends data via a Telegram bot
1/5
Page presents itself as a logon page
1/5
Loads resources from a public service
1/5
Logon form detected via Computer Vision
1/5
Page secured via a Domain Validated SSL certificate
1/5
Page contains a form with unusual text spacing
1/5
Checks external IP address
Full Report
Close
Phishing
Full Report
https://fucat-value.com/wp-includes/WP/Admin/Domain/index.html
2026-06-09T06:06:36.580
malicious
URL
Details
Close
https://fucat-value.com/wp-includes/WP/Admin/Domain/index.html
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Malicious content matched by YARA rules
5/5
TelegramPhishkit configuration was extracted
5/5
Combination of other detections indicates a phishing website
4/5
Malicious content matched by YARA rules
4/5
Phishing page detected via Machine Learning
3/5
Sends data via a Telegram bot
1/5
Logon form detected via Computer Vision
1/5
Checks external IP address
1/5
Loads resources from a public service
1/5
Page is hosted on a CMS
1/5
Page presents itself as a logon page
1/5
Page secured via a Domain Validated SSL certificate
1/5
Page contains a form with unusual text spacing
Full Report
Close
Phishing
Full Report
https://mafkreibvanmasecure.standard.us-east-1.oortstorages.com/blas.jul
2026-06-09T06:06:05.545
malicious
URL
Details
Close
https://mafkreibvanmasecure.standard.us-east-1.oortstorages.com/blas.jul
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
TelegramPhishkit configuration was extracted
5/5
Combination of other detections indicates a phishing website
5/5
Malicious content matched by YARA rules
4/5
Malicious content matched by YARA rules
4/5
Phishing page detected via Machine Learning
3/5
Sends data via a Telegram bot
1/5
Page presents itself as a logon page
1/5
Loads resources from a public service
1/5
Logon form detected via Computer Vision
1/5
Page secured via a Domain Validated SSL certificate
1/5
Page contains a form with unusual text spacing
1/5
Checks external IP address
Full Report
Close
Phishing
Full Report
https://alld.standard.us-east-1.oortstorages.com/ett.cvn
2026-06-09T06:04:23.879
malicious
URL
Details
Close
https://alld.standard.us-east-1.oortstorages.com/ett.cvn
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Malicious content matched by YARA rules
5/5
TelegramPhishkit configuration was extracted
5/5
Combination of other detections indicates a phishing website
4/5
Phishing page detected via Machine Learning
4/5
Malicious content matched by YARA rules
3/5
Sends data via a Telegram bot
1/5
Checks external IP address
1/5
Loads resources from a public service
1/5
Page presents itself as a logon page
1/5
Page secured via a Domain Validated SSL certificate
1/5
Page contains a form with unusual text spacing
1/5
Logon form detected via Computer Vision
Full Report
Close
Phishing
Full Report
1
2
516597
>