Threat research notebook

Gridinsoft Security Lab

Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.

302 lab records

Latest note ·

Movidown Unwanted Application

Movidown is an Unwanted Application that initially mimics a utility for controlling fan speed. However, beneath this shell, it has the capabilities of a dropper malware, which it right away uses to deploy browser...

Field note ·

PUABundler:Win32/YandexBundled

PUABundler:Win32/YandexBundled is a detection of potentially unwanted application (PUA) associated with the Russian company Yandex. It...

Research log

01

Trojan:BAT/PSRunner.VS!MSR

Record ·

Trojan:BAT/PSRunner.VS!MSR is a detection of malware that executes malicious commands on a compromised system. It does not do much hurt by itself and rather...

03

CSRF (Cross-Site Request Forgery) vs XSS

Record ·

Cross-Site Request Forgery Cross-Site Request Forgery (CSRF) is an attack targeting vulnerabilities in computer security, posing significant risks to user information and accounts. It...

05

Trojan:Script/Downloader!MSR: Meaning and Removal Guide

Record ·

Trojan:Script/Downloader!MSR is a Microsoft Defender alert for a script that can download another payload. Check the source, quarantine status, false-positive signs, and leftover persistence...

08

Fake Instagram Hacking Services

Record ·

Instagram hacking scams is an old-new direction of online fraud that targets people who want to get into someone’s accounts on social media. Frauds...

09

Stopabit Virus

Record ·

Stopabit is an unwanted application that has almost no useful functionality. Users can see its promotions as a useful tool for screen time control,...

11

Bloom.exe

Record ·

Bloom.exe is a malicious miner that masquerades as a legitimate process. Its job is to use the victim's device to mine cryptocurrency for con...

14

PUA:Win32/Caypnamer.A!ml: What It Is and Removal

Record ·

PUA:Win32/Caypnamer.A!ml is a Microsoft Defender detection that should be judged by the affected file path, source, signature, and behavior, not by the name alone....

15

Virus:Win32/Floxif.H Removal

Record ·

Virus:Win32/Floxif.H is a severe Microsoft Defender file-infector alert. Learn how to remove it, rescan safely, and handle infected files or backups.

AI Assistant

Hello! 👋 How can I help you today?