Nhuie is ransomware. It encrypts files to make them inaccessible for victims. Also, Nhuie renames all of the encrypted files (it appends a string of random characters and the ".nhuie" extension to filenames) and creates the "8Axs_HOW_TO_DECRYPT.txt" file (a ransom note). For example, it renames "
Surtr is ransomware. Malware of this type encrypts files (and renames them) and generates a ransom note. Surtr appends the decryptmydata@mailfence.com email address and the ".SURT" extension to filenames. For example, it renames "1.jpg" to "1.jpg.[DecryptMyData@mailfence.com].SURT", "2.jpg" to "2
LogStandard generates annoying advertisements and changes web browser's settings to promote a fake search engine. This app has the qualities of advertising-supported and browser-hijacking software. Users rarely download and install such apps knowingly. Thus, LogStandard and similar apps are cate
Razer is ransomware that encrypts files, appends a string of random characters, the razer1115@goat.si email address, and ".razer" extension to filenames. It provides instructions on how to contact the attackers for data decryption in the "readme-warning.txt" text file. An example of how Razer ren
FileClick has two purposes: to generate advertisements and hijack a web browser (promote a fake search engine). Typically, apps like FileClick are promoted and distributed using shady websites, installers, and other deceptive methods. Thus, users download and install them unintentionally.
RED is ransomware - a type of malware that encrypts files. It also modifies filenames, displays a ransom note in a pop-up window, and provides another one as the "info.txt" file. RED renames files by appending the victim's ID, redline@onionmail.org email address, and the ".RED" extension to filena
ManagerDisplay is adware that generates advertisements, hijacks a web browser (to promote a fake search engine), and collects information. A big part of software of this type is promoted and distributed using questionable, deceptive methods. It means that most adware gets downloaded and installe
WannaBitcoin is ransomware designed to encrypt files, append the ".wannabitcoin" extension to filenames, and provide three ransom notes. WannaBitcoin displays a pop-up window, creates the "READ ME TO RECOVER YOUR FILES.wannabitcoin.txt" file, and changes desktop wallpaper. All three of them contai
The purpose of the ExplorerTransaction application is to generate advertisements and promote a fake search engine. It promotes a fake search engine by hijacking a web browser. It is very common for apps like ExplorerTransaction to be promoted and distributed in deceptive ways. Advertisem
Health ransomware is part of the Phobos ransomware family. It encrypts files, appends the victim's ID, loading66@tuta.io email address, and the ".health" extension to filenames. Health generates two ransom notes: "info.txt" and "info.hta" (the second file displays a ransom note in a pop-up window)