Matiex is a keystroke logger which is capable of taking screenshots, recording sound with the computer microphone and data saved in the system clipboard. Its users can receive logged data via Telegram, SMTP, FTP and Discord. Research shows that this keystroke logger can be purchased for US$25, $60
"Deutsche Bank Email Virus" is a spam campaign distributing fake Deutsche Bank emails. Deutsche Bank is a legitimate multinational investment bank and financial services company. The aforementioned messages are disguised as mail from this bank. The bank/company is in no way associated with these
ERROR is a part of the GlobeImposter ransomware family. This ransomware encrypts files, renames them and creates a ransom message. It renames encrypted files by appending the ".ERROR" extension to filenames. For example, "1.jpg" would be renamed to "1.jpg.ERROR", "2.jpg" to "2.jpg.ERROR", etc. It
WellMess, also known as WellMail, is a Remote Access Tool (RAT), however, when software programs of this type are used in a malicious capacity, they are referred to as Remote Access Trojans. Malware of this type enables remote access and control over an infected machine. RATs can have a wide vari
Mnbzr belongs to the Dharma ransomware family. Malware of this type is generally designed to encrypt files, change their filenames and generate a ransom message. Mnbzr renames files by adding the victim's ID, trfgklmbvzx@aol.com email address and appending the ".mnbzr" extension to filenames. For
CentralLot is a rogue application categorized as adware with browser hijacker traits. It operates by running intrusive ad campaigns, making changes to browser settings and promoting fake search engines. CentralLot promotes Safe Finder through akamaihd.net in this way. Most adware-type apps and
ScanUtilities is software promoted as a tool capable of speeding up and improving system performance, however, due the dubious methods used to proliferate this application, it is classified as a Potentially Unwanted Application (PUA). Usually, software within this classification is nonoperational
SNT2 is a malicious program belonging to the Matrix ransomware family. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all compromised files are renamed following this pattern: "[SantaGman@criptext.com].[random-string].SNT2" (consisting o
Kook is malicious software belonging to the Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all compromised files are appended with the ".kook" extension. For exampl
Discovered by Marcelo Rivero, Tcprx is malicious software belonging to the Dharma ransomware family. It operates by encrypting data and demanding payment for decryption. During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID, cyber cri