Threat Feed
SecuriteInfo.com.Win32.MalwareX-gen.19285569.exe
2026-03-07T20:38:42.170
malicious
Windows Exe (x86-32)
SHA256:
69645cff07f7dbb3b27ee59ba60f2bbd0d6ac7abd9e954e3b2be8f14adcfefc1
VMRay Threat Identifiers
Severity | Operation
5/5 | Malicious content matched by YARA rules
5/5 | Tries to read cached credentials of various applications
4/5 | Injected process sets up server that accepts incoming connections
4/5 | Makes indirect system call to possibly evade hooking based monitoring
3/5 | Modifies native system functions
3/5 | Tries to detect the presence of antivirus software
2/5 | Reads sensitive browser data
2/5 | Writes into the memory of a process started from a created or modified executable
2/5 | Modifies control flow of a process started from a created or modified executable
2/5 | Delays execution
2/5 | Searches for sensitive browser data
2/5 | Searches for sensitive application data
1/5 | Resolves API functions dynamically
1/5 | Tries to connect using an uncommon port
1/5 | Creates a page with write and execute permissions
1/5 | Creates process with hidden window
1/5 | Tries to detect debugger
1/5 | Enumerates running processes
1/5 | Connects to remote host
1/5 | Creates mutex
1/5 | Reads system data
1/5 | Overwrites code
1/5 | Drops PE file
1/5 | Executes dropped PE file
Spyware
Backdoor
Downloader
file.exe
2026-03-07T20:38:36.019
malicious
Windows Exe (x86-64)
SHA256:
aa4cc936db87bc3eae126b606859bc1b9e8f22f8025afa01a1ef1ac8bc76e04b
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections shows multiple input capture behaviors
5/5 | Tries to read cached credentials of various applications
3/5 | Suspicious content matched by YARA rules
3/5 | Takes screenshot
3/5 | Captures clipboard data
2/5 | Searches for sensitive mail data
2/5 | Reads sensitive mail data
2/5 | Suspicious content matched by YARA rules
2/5 | Sends control codes to a driver
2/5 | Searches for sensitive browser data
2/5 | Tries to detect debugger
2/5 | Sets up server that accepts incoming connections
2/5 | Searches for sensitive application data
1/5 | Resolves API functions dynamically
1/5 | Reads system data
1/5 | Enumerates running processes
1/5 | Checks external IP address
1/5 | Performs DNS request
1/5 | Connects to remote host
1/5 | Creates a page with write and execute permissions
1/5 | Possibly does reconnaissance
1/5 | Query OS Information
Spyware
SecuriteInfo.com.Win32.MalwareX-gen.79418531.exe
2026-03-07T20:09:13.394
malicious
Windows Exe (x86-32)
SHA256:
67ac1914241db5466d1f81e6de3dab52a8f0a159944dac20962092b19e6d7267
VMRay Threat Identifiers
Severity | Operation
5/5 | Malicious content matched by YARA rules
4/5 | Makes indirect system call to possibly evade hooking based monitoring
2/5 | Modifies control flow of a process started from a created or modified executable
2/5 | Writes into the memory of a process started from a created or modified executable
1/5 | Drops PE file
1/5 | Creates process with hidden window
1/5 | Executes dropped PE file
1/5 | Creates a page with write and execute permissions
1/5 | Resolves API functions dynamically
1/5 | Enumerates running processes
Downloader
https://illustrious-stardust-7ac4c1.netlify.app
2026-03-07T19:57:02.748
malicious
URL
SHA256:
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections indicates a phishing website
4/5 | Malicious content matched by YARA rules
4/5 | Phishing page detected via Machine Learning
2/5 | Page is served from a service commonly used for temporary hosting
1/5 | Page presents itself as a logon page
1/5 | Resource is loaded from a service commonly used for temporary hosting
1/5 | Loads image resources from another website
Phishing
http://acceso-ya1.webcindario.com
2026-03-07T19:56:27.611
malicious
URL
SHA256:
VMRay Threat Identifiers
Severity | Operation
5/5 | Combination of other detections indicates a phishing website
4/5 | Phishing page detected via Machine Learning
3/5 | Page contains a Microsoft logon form
2/5 | Unsecured data
1/5 | Page presents itself as a logon page
1/5 | Content matched by YARA rules
Phishing