In the course of our inspection of malware samples uploaded to the VirusTotal site, we came across a Skynet ransomware variant dubbed Payuranson. The purpose of this malware is to encrypt files. Additionally, Payuranson creates a ransom note ("SkynetData.txt") and renames files (appends the ".payu
After conducting an examination of the malware samples provided on the VirusTotal platform, we have identified Wiaw as a variant belonging to the Djvu ransomware family. Wiaw operates by encrypting files and altering their filenames, adding the ".wiaw" extension. As an illustration, it transforms
While analyzing malware samples submitted to VirusTotal, we identified Wisz as ransomware linked to the Djvu family. Wisz ransomware encrypts files on the victim's system, appending the ".wisz" extension to their filenames. Additionally, it generates a "_README.txt" file containing a ransom note.
Our researchers discovered the AnalogInterface app while inspecting new file submissions to the VirusTotal platform. After examining this software, we determined that it is adware. AnalogInterface is part of the AdLoad malware family. It is designed to run intrusive ad campaigns and may have oth
After examining the CommonRemote application more closely, we have determined that it exhibits advertisements to users, categorizing it as adware. It is important to recognize that applications like CommonRemote may extend beyond simply displaying ads, potentially engaging in additional unwanted
This "Webmail Verification" email is spam. It is a phishing letter that targets Spanish-speaking users. It claims that the recipient's email account has been blocked due to suspicious sign-in attempts. By attempting to remove the suspension, the user is deceived into disclosing their email log-in
Discovered by Kaushík Pał, Avira9 is a ransomware-type program designed to encrypt data and demand payment for decryption. It must be emphasized that this malware is not associated with the Avira anti-virus or its developers. After we executed a sample of Avira9 on our testing system, the ransomw
After inspecting the "Webmail - Low Storage Space" email, we determined that it is spam. This phishing letter targets email account log-in credentials by making false claims regarding low mailbox storage. The scam email with the subject "Mailbox Alert: Your mailbox is full" (may vary) info
After reviewing the "Work For Charity" email, we determined that it is spam. This letter requests the recipient to distribute the sender's funds to charity. For their efforts, the recipient is promised 40% of the nine million pounds. Typically, scam mail of this kind targets personally identifiabl
TimbreStealer is a piece of malicious software designed to steal information. It was first observed being proliferated through email spam campaigns in the autumn of 2023 and is still in active distribution as of February 2024. This malware was noted being used to target users in Mexico exclusively