In our evaluation of samples uploaded to Virustotal, we discovered the JerryRansom ransomware, which is based on the Chaos ransomware. JerryRansom encrypts files, changes the desktop wallpaper, crates a ransom note (the "Read_me.txt" file), and appends four random characters to filenames. For ins
Although Web Ads Filter is marketed as a browser extension for getting rid of offensive advertisements, our examination indicates that it functions as adware. Once added to a web browser and activated, Web Ads Filter inundates users with irritating advertisements that could potentially direct them
Myhotfeed[.]com is the address of a rogue webpage discovered by our research team during a routine investigation of suspect sites. This website endorses browser notification spam and redirects users to different (likely dubious/malicious) pages. Most visitors to webpages like myhotfeed[.]com ente
ChipsOverallKind is a rogue application found by our research team during a routine investigation of new file submissions to the VirusTotal platform. Upon inspection, we determined that this app is adware from the AdLoad malware family. ChipsOverallKind runs intrusive advertisement campaigns an
Wing is the name of a ransomware-type program. This malware is designed to encrypt files and demand ransoms for their recovery (decryption). We have obtained a test sample of this ransomware and executed it on our testing system. The program appended locked files with a ".wing" extension, e.g., a
AllaKore is a RAT (Remote Access Trojan). These trojans enable remote access and control over compromised systems. AllaKore was first detected in 2015 as an open-source RAT written in the Delphi programming language, and it possessed rather basic capabilities. However, since 2021, heavily modifie
Joker is a malware that targets Android devices. This malicious program is classed as a Remote Access Trojan (RAT). Joker operates by enabling remote access and control over machines. It is also considered to be a banking trojan, as it seeks finance-related information. Joker malware is related to
Upon analysis, it was discovered that the app functions as adware. StandartPartition, upon installation, displays intrusive advertisements to promote questionable content. Furthermore, the app may possess the ability to access and collect personal information. Therefore, it is advisable to avoid
In our thorough examination of malware samples submitted to the VirusTotal page, we have determined that Ldhy is a ransomware variant linked to the Djvu family. Ldhy encrypts files and appends its extension (".ldhy") to the filenames. For instance, it transforms "1.jpg" into "1.jpg.ldhy", "2.png"
While investigating deceptive websites, our team uncovered an installation package containing a dubious application that compels users to visit ssj4.io, a questionable search engine. Typically, browser-hijacking programs modify browser settings to promote such sites. In this case, the app abstaine