Our research team discovered the AdvancedParameter app during a routine investigation of new submissions to VirusTotal. After inspecting this application, we determined that it is adware belonging to the AdLoad malware family. Adware stands for advertising-supported software. It is desig
Our examination of the "Microsoft Corporation - Email Account Update" email revealed that it is spam. This letter is presented as a notification from Microsoft regarding urgent updates to the recipient's email account. This scam mail promotes a phishing website that records email passwords entered
BellaCiao is classified as dropper malware, which means it is intended to distribute other malware payloads onto a victim's computer system according to instructions from a C2 server. The payload delivered by BellaCiao is not downloaded but rather hardcoded into the executable as malformed base64
SethLocker is a ransomware-type program. It operates by encrypting data and demanding ransoms for its decryption. In most cases, malware of this kind renames the encrypted files by appending them with an extension. However, after executing a sample of SethLocker on our test machine, we learned tha
DVN is a ransomware variant based on Chaos ransomware. Our team came across DVN while checking the VirusTotal page for recently submitted malware samples. The purpose of DVN ransomware is to encrypt data. Also, this malware changes the victim's desktop wallpaper, creates the "unlock_here.txt" file
Our research team discovered the "Windows Key Code Is Not Valid And Seems Pirated" technical support scam while investigating rogue sites. The scheme makes false claims regarding an illegal Windows version and system infections. This tech support scam aims to trick users into calling the provided
During our investigation of new submissions to VirusTotal, our researchers came across the MajorLookup app. After closely scrutinizing the software, we determined that MajorLookup is, in fact, adware. Its main purpose is to display advertisements, and it may also possess other harmful capabiliti
Image Viewer is promoted as a browser extension that enhances image viewing capabilities. However, during our examination, we found that Image Viewer displays ads (it supports ads). For this reason, we classified Image Viewer as adware. It is worth noting that we discovered Image Viewer on a decep
After examining this email, our team has determined that it is a phishing attempt disguised as a message from an email service provider, with the scammers claiming to be the Microsoft team. The intention of the scammers behind this letter is to entice unaware recipients into accessing the fraudule
Our researchers found the Anonymous Video Player browser extension while investigating questionable websites. This extension is presented as a tool that allows users to playback videos and download them in multiple formats. After analyzing Anonymous Video Player, we determined that it is advertisi