During our analysis of malware samples submitted to VirusTotal, we encountered L00KUPRU, a ransomware variant belonging to the Xorist family. This ransomware encrypts files, triggers a pop-up window, and generates a "HOW TO DECRYPT FILES.txt" file, both of which contain a ransom note. Also, L00KU
Upon thorough analysis, it has been determined that IndexerTask is a deceitful application designed to flood users with intrusive advertisements. As a result, IndexerTask has been categorized as adware. Users commonly unknowingly download and install such software, unaware of its tendency to sho
After careful examination, it has been established that DynamicPositive is an untrustworthy application crafted to inundate users with intrusive advertisements. Consequently, DynamicPositive has been categorized as adware. Typically, users inadvertently download and install such software, unawar
We discovered idesmasp[.]com while investigating suspicious sites. This rogue page promotes browser notification spam and can redirect users to different (likely unreliable/hazardous) websites. Most visitors to webpages similar to idesmasp[.]com access them through redirects caused by sites using
We discovered SyncProcess adware while browsing new submissions to the VirusTotal platform. This application belongs to the AdLoad malware family. SyncProcess is designed to generate through advertising. Adware typically operates by placing third-party graphical content (e.g., overlays,
Moltenmoldmaster[.]com is a rogue webpage found by our researchers during a routine inspection of untrustworthy sites. Our examination revealed that this page endorses spam browser notifications and redirects to other (likely dubious/dangerous) websites. Most users access webpages like moltenmold
Charity is a ransomware-type program. Typically, malware within this classification encrypts files and demands ransoms for the decryption. However, the Charity malicious program did not encrypt data at the time of research. Instead, Charity displayed a fullscreen message containing a standard ran
Our researchers found the PracticalDisplay application while reviewing new submissions to the VirusTotal website. After investigating this piece of software, we determined that it is adware. PracticalDisplay is part of the AdLoad malware family. This app operates by delivering intrusive advert c
Our researchers found iwheenaiga[.]com while browsing untrustworthy websites. After inspecting this rogue webpage, we determined that it promotes browser notification spam and redirects users to other (likely dubious/malicious) sites. The majority of visitors to iwheenaiga[.]com and pages akin to
This fake crypto exchange platform imitates the legitimate Hyperliquid trading platform. The scam website we investigated perfectly mimicked Hyperliquid's design. However, the fraudulent webpage lacked functionality besides the "connect wallet" option. When users "connect" their digital wallets to