When looking through support forums, our research team learned of the Ranger3X ransomware (a new variant of TeslaRVNG) from a report made by a victim's representative. We have sampled this malware from VirusTotal and executed it on our test machine. Ranger3X encrypted the files on our test system
"VBA/TrojanDownloader.Agent" primarily refers to malicious Microsoft Office documents. Its variations are used as detection names by many anti-virus programs. Virulent MS documents are designed to cause malware infections by executing malicious macro commands. These files are most commonly distrib
"MSIL/Spy.Agent" refers to backdoor-type malware. Its variants are used by many anti-virus programs as detection names primarily for trojans that operate as backdoors. This type of malware is designed to create a "backdoor" for additional malicious software. Theoretically, these trojans can infect
LNK/Agent is a detection name for a Windows system shortcut to a malicious file, program, or folder. Shortcuts (LNK files) detected as LNK/Agent do not contain payload - they launch malicious executables (execute files designed to infect computers with malware). Cybercriminals use LNK files becaus
MSIL/TrojanDownloader.Agent is a detection name for malware that contains a URL (or multiple URLs). It uses that URL to download other malware from the Internet and infect a computer with it. MSIL/TrojanDownloader.Agent targets Windows operating systems. MSIL/TrojanDownloader.Agent malware
Our researchers found the Uigd ransomware while inspecting new submissions to VirusTotal. We also learned that this malicious program belongs to the Djvu ransomware family. After being released onto our test system, this malware began encrypting files and appending their filenames with a ".uigd"
feel dark is a browser extension that promises to enable dark mode for various websites. Our research team discovered this piece of software while inspecting dubious download pages. After analyzing feel dark, we concluded that it operates as adware. Advertising-supported software may requi
We have analyzed the text and links presented in this email and concluded that it is a typical phishing email that scammers use to trick recipients into providing sensitive information. It is disguised as a letter from an email service provided. It contains links to phishing websites asking to ent
Our team has discovered the ColossusAspect application while visiting shady websites that displayed deceptive pop-ups. After analyzing the app, we found that it generates advertisements and can read sensitive information from visited websites. Thus, we concluded that ColossusAspect is adware.
ZipArrow is a piece of rogue software our researchers discovered while looking through new submissions to VirusTotal. After analyzing this app, we determined that it operates as advertising-supported software (adware). Additionally, ZipArrow belongs to the AdLoad malware family. Adware m