Open-source atomic malware analysis

Virus.Hijack_Gen.Trojan.ShellObject.u8Z@aqsS8zj_4_2.vir

PE
Verdict: HOSTILE
Mal-ecule
O(Dy)H₃(DbDsF)Md₃(BiHeSi)
Size 136.5 KB
First seen 53 days ago
Analyzed 38 days ago
Ecosystem datamaliciousorder

Objectives

discovery/host: Process32 traversal P/Invoke text [notable severity, 90% confident]
anti-static/obfuscation: WININET.DLL absent from PE import table [baseline severity, 100% confident]
evasion/indicator-removal: Export timestamp is absent [baseline severity, 90% confident]
anti-static/obfuscation/binary-metrics: Writable and executable sections (self-modifying [component severity, 90% confident]
anti-static/obfuscation/payload: PE version resource text [component severity, 99% confident]
command-and-control/infrastructure: Binary has 4 or fewer sections [component severity, 100% confident]
evasion/masquerade/version-resource: PE has no Authenticode signature [component severity, 97% confident]
evasion/process/injection: Lacks substantial resources [component severity, 100% confident]

Micro-behaviors

data/string: VB6 runtime string decoding helpers [notable severity, 90% confident]
dylib: VB6 runtime API dispatch [notable severity, 95% confident]
fs/file/write: VB6 runtime binary file write [notable severity, 95% confident]
communications/ip: gethostbyname import string [baseline severity, 70% confident]
fs/file: VB6 file I/O helper cluster [baseline severity, 90% confident]
os/random: VB6 runtime PRNG helpers [baseline severity, 92% confident]
ui/window/manage: Call window procedure [baseline severity, 88% confident]

Metadata

binary/metrics: PE with malformed section layout [notable severity, 85% confident]
hardening: Writable and executable section (W^X violation) [notable severity, 100% confident]
signed: Binary is not digitally signed [notable severity, 100% confident]
binary: Visual Basic 6 application framework [baseline severity, 95% confident]
dylib::msvbvm60: links MSVBVM60.DLL (vbaVarSub, vbaVarTstGt, CIcos, adj_fptan, vbaVarMove, ... +130 more) [baseline severity, 95% confident]

20 of 28 traits shown

Identity

SHA-256 2d663616c17c4ad38b6ea13076d614d390ff9e469b6097d9a9dc91428e6397b3
Filename Virus.Hijack_Gen.Trojan.ShellObject.u8Z@aqsS8zj_4_2.vir

Origin

Source harvest
Feed datasets
Ecosystem datamaliciousorder

Timeline

First seen 24 Apr 2026 16:14 UTC
First analyzed 9 May 2026 23:54 UTC
Last analyzed 9 May 2026 23:54 UTC
Last updated 9 May 2026 23:54 UTC

Labeling

Label bad
Label source harvest
Traits version d376d