While inspecting new file submissions to the VirusTotal platform, our researchers discovered UpgradeStoreApp. This piece of software operates as adware, and it is part of the AdLoad malware family. UpgradeStoreApp is designed to feed users with undesirable and potentially harmful ads. Ad
SharedProjector is a rogue application discovered by our researchers during a routine check on new submissions to VirusTotal. Following our analysis, we determined that this app is advertising-supported software (adware) from the AdLoad malware family. Adware is designed to generate reve
We discovered the GallantBounce adware-type app while investigating new file submissions to the VirusTotal site. This piece of software is part of the AdLoad malware family. GallantBounce runs intrusive ad campaigns, and it may have additional harmful capabilities. Adware stands for adve
Our researchers found the RA World ransomware during a routine inspection of file submissions to the VirusTotal platform. Ransomware operates by encrypting files in order to demand payment for their decryption. The RA World ransomware is operated by threat actors known as RA Group (there is a rans
Our research team discovered the DarkiTon browser extension while investigating suspect websites. This piece of software is promoted as a tool for websites that enables dark mode with a blue light filter. After analyzing this extension, we determined that it is adware with browser hijacker capabi
Our assessment reveals that MediaService is a potentially harmful application distributed through a malicious installer. The installation of MediaService occurs simultaneously with various other undesirable components. Users are advised to remove MediaService and all related files as soon as possi
Our researchers found the Xro ransomware while reviewing new malware submissions to the VirusTotal platform. This malicious program is part of the Xorist ransomware family. After we launched a sample of Xro on our test system, it encrypted files and altered their names. Original filenames were ap
Agent Racoon is a malicious program written using the .NET framework. It is classed as a backdoor; malware within this classification is designed to open a "backdoor" into targeted systems. These programs are typically used in the initial phases of multi-stage infections. The first instances of A
During our evaluation, it has come to light that this email is a fraudulent attempt masquerading as a notification from DHL, a reputable logistics company. The individuals orchestrating this scam intend to deceive recipients into accessing a counterfeit website and divulging personal information.
While conducting regular analysis of malware samples submitted to VirusTotal, we discovered a ransomware variant dubbed Elpy. It belongs to the Phobos family and is designed to encrypt files, modify filenames, and provide two ransom notes. Elpy appends the victim's ID, ambu.lance@tuta.io email add