During examination of PublicSystem, it has been found that its main purpose is to show annoying advertisements. Apps that operate like PublicSystem are called adware. It is crucial to emphasize that users often unintentionally install applications like PublicSystem on their computers. Th
While conducting an analysis of malware samples submitted to VirusTotal, we came across Ttrd, which is a ransomware variant associated with the Djvu family. Ttrd operates by encrypting files, adding the ".ttrd" extension to their filenames, and creating a ransom note in the form of a text file nam
During our analysis of a suspicious installer downloaded from an untrustworthy website, we encountered the MacropusRufus browser extension. Our investigation uncovered concerning characteristics associated with this software, including its ability to activate the "Managed by your organization" fea
While analyzing malware samples submitted to the VirusTotal platform, we encountered a ransomware variant named Ttwq. Ttwq encrypts files and modifies their filenames by adding the ".ttwq" extension. Furthermore, Ttwq is designed to create a text file called "_readme.txt", which contains a message
Our researchers discovered PerfectSave during a routine investigation of new file submissions to the VirusTotal platform. After examining this piece of software, we determined that it is adware belonging to the AdLoad malware family. PerfectSave operates by feeding users undesirable and deceptiv
Our research team discovered the OverallHelpDesk application while reviewing new submissions to the VirusTotal website. This app is advertising-supported software (adware) that is part of the AdLoad malware family. OverallHelpDesk delivers intrusive advertisement campaigns and may have other har
Our researchers discovered the Lapsus$ Group ransomware while investigating new malicious file submissions to the VirusTotal website. It operates by encrypting files to demand ransoms for their decryption. After launching an executable of this malware on our testing system, we learned that the na
While inspecting new submissions to the VirusTotal platform, our research team discovered the PositiveConnectivity adware-type app. It is part of the AdLoad malware family. This application is designed to generate revenue for its developers by feeding users with unwanted and deceptive adverts. I
SULINFORMATICA is a ransomware-type program discovered by our researchers during a routine investigation of new submissions to the VirusTotal website. This malicious program is designed to encrypt data and demand payment for its decryption. After we executed a sample of SULINFORMATICA on our test
SysUpdate is the name of a malware that is classified as a backdoor. Programs within this class are designed to infiltrate systems stealthily and may open a "backdoor" for further infection. While SysUpdate has been around since at least 2020, it has continued to undergo improvements. Historicall