NineRAT is a Remote Administration Trojan (RAT) written in the DLang programming language. This RAT is used by a group of threat actors known as Lazarus. RAT is a type of malware that allows unauthorized remote access to a victim's computer, enabling cyber attackers to control the system, potentia
DLRAT, a malware built using the DLang programming language, operates as both a Remote Access Trojan (RAT) and a downloader. RATs, in general, are crafted to enable unauthorized remote access and control over compromised computers. DLRAT is known to be employed by a cybercrime group known as Lazar
"HackTool:Win32/Crack" is a generic detection name used by a multitude of security engines and vendors for software "cracks". "Cracks" are illegal tools utilized for "cracking" program protection; this includes bypassing the product's security measures, implementing a stolen activation key or fak
LogarithmicProcess is the name of a rogue application that we discovered while inspecting new submissions to the VirusTotal website. Our analysis revealed that this app is advertising-supported software (adware). LogarithmicProcess is part of the AdLoad malware family. It operates by running in
BottomLoader is a DLang-based malware downloader that plays a role in the initial stages of a cyber attack by facilitating the retrieval and execution of subsequent malicious payloads. This malware is designed to deliver additional malware or tools onto the compromised system, expanding the attack
Our research team discovered the BuLock ransomware during a routine inspection of new file submissions to the VirusTotal platform. Upon inspection, we determined that this malicious program is part of the MedusaLocker ransomware family. On our test system, BuLock encrypted files and altered their
During our examination, we have determined that the intent of this email is to deceive recipients into revealing personal information on a fraudulent website. The message is disguised as a notification from an email service provider and includes a deceptive link leading to a phishing page.
Through meticulous examination, the findings indicate that DataEngine is a malicious program distributed alongside other apps of this kind (e.g., fake cracking tools). The distribution of DataEngine involves a malicious installer hosted on a shady website offering free software activation. Affecte
ProductLauncher is a rogue app that we discovered while reviewing new file submissions to the VirusTotal website. After analyzing this piece of software, we learned that it is adware from the AdLoad malware family. This advertising-supported software feeds users with unwanted and potentially mal
Recipe Saver is a browser extension that promises easy access to new recipes and other features. Our research team discovered this piece of software while investigating deceptive sites. Following our analysis, we determined that this extension is a browser hijacker. Recipe Saver makes changes to