ThreatInfo Detection Digest: May 17, 2026

ThreatInfo research digest

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.

New report links20

Tracked categories5

Primary actionVerify hash

Category overview

Adware4 new reports PUP/PUA4 new reports Trojan4 new reports Ransomware4 new reports Virus4 new reports

Reports worth opening

Adware

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.

File$R72S47C.dll

DetectionAdware.ELEX

MD547b40e227e3052f7771983e01e8ac86c

FileDonTech.dll

DetectionAdware.Agent

MD536cb95e29e20d1b066ec5b8eca6c4d20

Filebcuservice.exe

DetectionAdware.Gen

MD5382b151daffe4a9ce9da9f564b66761e

FileA0424729.exe

DetectionAdware.ELEX

MD5eba35d35628ceb8acaa2302f9698a8d0

PUP/PUA

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.

File10ea-22d8-9b9e-0a5b.exe

DetectionUnder review

MD5602cd1f0dd54e83de1413705aa378803

FileA0061884.dll

DetectionUnder review

MD5157d3660fea65e2ebdcd48647720950c

FileA0054949.dll

DetectionUnder review

MD555d44dc1ec699ffb6b3519a022153cac

FileA0054943.dll

DetectionUnder review

MD5a8d8a483602be55485fc8c6d7b2b680f

Trojan

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.

FileIEXPL0RE.EXE

DetectionTrojan.CoinMiner

MD5d9ec6f3a3b2ac7cd5eef07bd86e3efbc

FilegAutoKMS.exe

DetectionTrojan.Agent

MD5a351f99236a011d4027886215b843317

Filetimetasks.exe.vir

DetectionAdware.Downloader

MD5fb1f04fb851fe921aec9148495669c55

Fileoem-drv64.sys

DetectionGeneral Threat

MD5ff86bedaff2a06f098959a64b0758fb2

Ransomware

Prioritize isolation and backup checks when this class appears on an endpoint.

FileloaderX2.exe

DetectionRansom.Samas

MD5c84e22d07f28fed6e366df5ba4383c7a

FileResGer.dll

DetectionRansom.Locky

MD53ad96cb4e7d547882f605daeb2f380bf

Filewinsvc.exe

DetectionTrojan.Agent

MD560236fe463e180272b98cf8f93208a80

FileSetup-Ro.exe

DetectionRansom.Somhoveran

MD5b634e46e3ed42aef63135b218446025e

Virus

Look for copied or modified executables and scan related files created around the same time.

Filefsquirt(16).exe

DetectionVirus.Jeefo

MD557b751688e912cacd4d26c7ab4e3f441

FileSolitaire.exe

DetectionVirus.Jeefo

MD58a9ba91f7d7e59acdaae9b6ad4ac0896

FileMineSweeper.exe

DetectionVirus.Jeefo

MD5ba03a59336aaec6cbaa926ac9f5ceee0

FilePurblePlace.exe

DetectionVirus.Jeefo

MD55f27d952d735ac075cd12e173745cf61

How to use this digest

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.