During our analysis of malware samples submitted to VirusTotal, we encountered Agpo, ransomware which is part of the Djvu ransomware family. Agpo employs encryption to block access to files and appends a new extension (".agpo") to their filenames. Additionally, it generates a ransom note in the fo
During our examination of malware samples submitted to VirusTotal, our team encountered Aghz ransomware, a member of the Djvu ransomware family. This ransomware encrypts files and appends the ".aghz" extension to their filenames. Additionally, it generates a "_readme.txt" file that includes paymen
After evaluating the WebpageHardware application, we have determined that it displays intrusive advertisements. These types of applications are commonly referred to as adware or advertising-supported applications. It is common for users to install adware inadvertently. WebpageHardware ca
Upon examining the AssistivePlatform application, our analysis revealed that it exhibits intrusive advertisements. Such applications are known as adware or advertising-supported applications. Users commonly install adware without their knowledge or awareness. AssistivePlatform falls unde
Meduza is a type of malware created using the C++ programming language, specifically designed to steal information. It targets various applications and clients, including web browsers and cryptocurrency wallets, with the objective of collecting sensitive data. This malicious software is available
We found the BalanceSignal app while inspecting new submissions to the VirusTotal website. After investigating this application, we determined that it is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to display advertisements on visite
Rhysida is the name of a ransomware-type program. It is designed to encrypt data and demand payment for its decryption. On our testing machine, Rhysida encrypted files and appended their filenames with a ".rhysida" extension. To elaborate, a file originally named "1.jpg" appeared as "1.jpg.rhysid
After inspecting this "Moldindconbank" email, we determined that it is fake. This letter targets clients of the Moldindconbank Moldovan bank. The spam email states that the recipient's card has been suspended due to suspicious activity. To rectify this issue, the recipient is to conclude a verific
While inspecting new submissions to VirusTotal, our researchers found the Havoc ransomware. Malware of this kind is designed to encrypt data and demand payment for its decryption. On our test machine, Havoc encrypted files and altered their filenames. Original titles were appended with the attack
Upon careful analysis of this email, our team has concluded that it is an instance of phishing. The email is designed to deceive recipients by posing as a communication from an email service provider, specifically impersonating Webmail. The primary goal of scammers is to trick unsuspecting individ