Banhu is malware that belongs to the Phobos ransomware family. It is designed to encrypt files, modify their filenames, and generate two similar ransom messages. Banhu renames files by adding the victim's ID, gooddecrypt@airmail.cc email address and appending the ".banhu" extension to filenames.
Commonly, websites such as yskimmed[.]top are promoted by potentially unwanted applications (PUAs) that many users download and install inadvertently. I.e., people do not often visit these sites intentionally. There are many other pages similar to yskimmed[.]top on the web including, for example,
Discovered by M. Shahpasandi, AMJIXIUS encrypts files and renames them by adding the ancrypted1@gmail.com email address, victim's ID, a string of random characters, and appending the ".AMJIXIUS" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.[ancrypted1@gmail.com][RHNjhHl29nDt]
People do not often visit websites such as superpush[.]net intentionally - they are usually opened by installed potentially unwanted applications (PUAs), through other bogus web pages, or dubious advertisements. Note that superpush[.]net is similar to yourwownewz[.]com, npolicito[.]online, robove
fastsolvecaptcha[.]com is one of many rogue websites that are designed to promote/open other bogus web pages or display dubious content. Some examples of other sites similar to fastsolvecaptcha[.]com are kersatur[.]online, yourwownewz[.]com and dozki[.]pro. Generally, users do not visit these web
Similar to Quasar RAT, VoidRAT is malicious software and a Remote Access Tool (RAT). When used maliciously, RATs are termed 'Remote Access Trojans'. Malware of this type enables remote access and control over infected machines. RATs have various functionalities that allow likewise varied misuse.
StandardBoost is an adware-type application with browser hijacker traits. It operates by delivering intrusive advertisement campaigns and making changes to browser settings to promote fake search engines. Additionally, most adware and browser hijackers have data tracking capabilities, which are
Generally, malspam emails are disguised as official messages from legitimate companies and organizations and contain a website link or attachment. Cyber criminals send these emails to trick recipients into infecting their computers with malware. This particular malspam email is used to distribute
lookawoman[.]com is an untrusted site that should not be trusted or visited. Browsers often open these pages because of potentially unwanted applications (PUAs) installed on them. I.e., users do not generally visit pages such as lookawoman[.]com intentionally. Some examples of other sites like th
BlackMamba was discovered by S!Ri. Ransomware is malware that encrypts files and generates ransom messages. It often renames encrypted files (e.g., appends an extension to filenames), however, this particular ransomware only encrypts files (it does not rename them) and displays a pop-up window (th