Our research team discovered the avob.co[.]in rogue webpage while inspecting suspicious sites. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/harmful) websites. Users primarily access avob.co[.]in and similar pages through redirects generat
While investigating new file submissions to the VirusTotal website, our researchers discovered the DynamicExplorer application. After inspecting it, we determined that DynamicExplorer is advertising-supported software (adware) belonging to the AdLoad malware family. Adware is designed to
Cityscapes is a browser extension that promises to display browser wallpapers depicting cityscapes and urban skylines. Our researchers found this piece of software while investigating deceptive websites. After analyzing Cityscapes, we learned that it modifies browser settings and promotes (via red
Our research team found the ElementaryDivision adware while inspecting new submissions to the VirusTotal website. When we examined this piece of software, we determined that it is adware. ElementaryDivision is part of the AdLoad malware family. This application is designed to deliver intrusive a
Our research team discovered the Lqepjhgjczo ransomware while inspecting new submissions to the VirusTotal platform. This malicious program is part of the Snatch ransomware family. It is designed to encrypt files and demand payment for their decryption. On our test machine, Lqepjhgjczo encrypted
Our inspection of the "ATM Card" email uncovered that it is spam. The letter claims that the recipient will be sent an ATM card with over three million US dollars on it, and they are asked to provide their personal information for delivery purposes. However, it is possible that this phishing scam
The BellisPerennis browser extension came to our attention when our team analyzed a malicious installer sourced from an untrustworthy website. We identified that BellisPerennis possesses the capability to execute various actions upon adding, including the activation of the "Managed by your organiz
While examining malware samples submitted to VirusTotal, we encountered a ransomware variant known as Oohu. Oohu is specifically crafted to encrypt files and modify their file names by adding the ".oohu" extension. Additionally, Oohu produces a ransom message named "_readme.txt". To provide an ex
PySilon is a Remote Access Trojan (RAT) written in the Python programming language. Malware within this classification enables remote access and control over infected machines. PySilon is a multi-functional program that can execute various commands on systems and has extensive spyware/data-stealin
While analyzing a malicious installer obtained from an untrustworthy website, our team stumbled upon the Fish browser extension. We observed that Fish possesses the capability to execute multiple actions once added. One of its functions includes enabling the "Managed by your organization" feature