ThreatInfo Detection Digest: May 25, 2026

ThreatInfo research digest

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.

New report links20

Tracked categories5

Primary actionVerify hash

Category overview

Adware4 new reports PUP/PUA4 new reports Trojan4 new reports Ransomware4 new reports Virus4 new reports

Reports worth opening

Adware

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.

File按鍵精靈2014.exe

DetectionAdware.Gen

MD57d4967e51a40062ae97638c25a4c4ae4

Filevideo.exe

DetectionAdware.Gen

MD5586431b19af2801990efbbb4e93f60d9

FileA0429170.exe

DetectionPUP.ELEX

MD55cd990681476c1089d3ac89ee2d92ae5

FileA0432619.dll

DetectionAdware.ELEX

MD577966913e9b938286c440c269225c878

PUP/PUA

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.

FileUninstall (1).exe#895879AA94E52644

DetectionAdware.SweetIM

MD589b7d9f41453942d50e5dcca70c44fec

Fileicudt (1).dll#46D3B0FF10AC4FD1

DetectionAdware.SweetIM

MD56736b554a4b5f7140180c50ae7b11df2

FileHostAppServiceInterface (1).exe#675BEF1A81797481

DetectionAdware.SweetIM

MD539b53d508c9ac4ae7bcc0f87a82fb247

FileWebAppHelper.exe#C0BF33F07971705C

DetectionAdware.SweetIM

MD5199c353a3c0830cbb01f19036a8d20fa

Trojan

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.

FileTNod-1.4.2.3.exe

DetectionGeneral Threat

MD557712fe52623737e2313d63494ec5ec5

FileCryEA(1).dll

DetectionTrojan.Agent

MD5f7cd1b54e619e20add6d40148e301e59

FileNEW (3).exe

DetectionRansom.Blocker

MD525a283f9dcaa5799876a4ae94a0ca385

Filepatineta.exe

DetectionSpy.Keylogger

MD5d03a8e1030a28df3fcf7f7317afd4a38

Ransomware

Prioritize isolation and backup checks when this class appears on an endpoint.

Filemongodump.exe

DetectionRansom.Exp

MD50535f7307efc8a47f99afc4bc0341072

Filemongorestore.exe

DetectionRansom.Exp

MD5bd078dc4a27c5259b15b1bd463b8b911

Filemaketx.exe

DetectionRansom.Exp

MD5246793998f9f27e061d20498c782c63f

FileAvengers.exe

DetectionRansom.Wacatac

MD51784fd66059ff3ee715231c6f775d6fc

Virus

Look for copied or modified executables and scan related files created around the same time.

Filevcredist_x64.exe

DetectionVirus.Neshta

MD5345e1b9c40d30fee0139ca550660a84f

Filebrew-m2upd1.exe

DetectionVirus.Gen

MD58b52d9c37624eb520d1d3fa42cdb6b1c

Filewininst-7.1.exe

DetectionVirus.Neshta

MD513e7601fd1367266e4cb6af6c0222d28

Filewininst-9.0-amd64.exe

DetectionGeneral Threat

MD532985605ac65dd7582eabab029cf932a

How to use this digest

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Category overview

Reports worth opening

Adware

PUP/PUA

Trojan

Ransomware

Virus

How to use this digest

Related