In our analysis of the malware dubbed Beast, we found that it functions as ransomware: upon infiltration, Beast encrypts files, presents a ransom note, and renames files. The discovery of Beast ransomware took place during our inspection of malware samples submitted to VirusTotal. Beast appends a
Following our examination of the InternetGuardian application, its intended function remained unclear. Moreover, we observed deceptive distribution channels associated with this application. Consequently, we have classified InternetGuardian as an unwanted application. Users should approach such so
During our investigation, we discovered that this email is a phishing attempt, falsely urging recipients to take specific actions. Phishing emails often masquerade as legitimate communications from trusted entities, aiming to deceive recipients into divulging personal information or performing act
Upon analysis, the ATCK malware was determined to be a member of the Dharma family and operate as ransomware. We discovered ATCK during the examination of malware samples submitted to VirusTotal. Upon infiltration, ATCK encrypts files, delivers two ransom notes ("info.txt" and a pop-up window cont
Our research team discovered the WebCoordinator application during a routine investigation of new submissions to the VirusTotal site. Upon examination, it became evident that WebCoordinator is adware from the AdLoad malware family. Advertising-supported software is designed to generate revenue t
System Utilities is a piece of software endorsed as a system optimization tool capable of scanning folders, removing unused/junk files, uninstalling programs, eliminating autostart for software, etc. This app is promoted using dubious methods – hence, it is classed as a PUA (Potentially Unwanted A
Upon inspection, we determined that the "Products On LinkedIn" email is spam. The letter is presented as a potential purchase inquiry. The goal of this mail is to deceive recipients into disclosing their email account log-in credentials to a phishing site. The spam email with the subject "
Sharp is a stealer-type malware. This malicious program is capable of extracting vulnerable information from browsers, gaming-related software, messengers, cryptocurrency wallets, and other apps. Based on the data profile sought by Sharp stealer, it is possible that this malware targets gamers. S
Our researchers found the Silver Wave app bundled in an installer endorsed by a deceptive webpage, which was accessed via a redirect from a Torrenting website that employs rogue advertising networks. Aside from containing the Silver Wave PUA (Potentially Unwanted Application), the installation set
MadMxShell is malware, a backdoor designed to infiltrate Windows systems. What sets it apart is its method of communication with its C2 server. Instead of using conventional channels, like direct connections or standard internet protocols, MadMxShell employs DNS MX queries for communication.