ThreatInfo Detection Digest: May 24, 2026

ThreatInfo research digest

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.

New report links20

Tracked categories5

Primary actionVerify hash

Category overview

Adware4 new reports PUP/PUA4 new reports Trojan4 new reports Ransomware4 new reports Virus4 new reports

Reports worth opening

Adware

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.

FileUAC.dll

DetectionAdware.ELEX

MD58af660f702106a32d668e27f8dda0e3b

FileGoogleUpdateBroker.exe#E3F6DE939267FB08

DetectionGeneral Threat

MD5f98de4108614e4bb81e95e58e36c7000

FileGoogleUpdateOnDemand.exe#51ABBC6D133D997C

DetectionGeneral Threat

MD57e767b342e55eb1dfd74a65d24ea4b70

File$RNQSU6M.dll

DetectionAdware.Gen

MD50d47cfdfea956378a049c437d38ec0cc

PUP/PUA

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.

FileUninstall (1).exe

DetectionAdware.SweetIM

MD50af5ae13508809e9a4bfe97186eec49c

FileHostAppServiceUpdater (1).exe#B3D56172C1308D4E

DetectionAdware.SweetIM

MD58cf918763c40167b8076ab103de27317

FileHostAppServiceUpdater (1).exe

DetectionAdware.SweetIM

MD59a559763613b503245d425462f0727ca

Filevnlgp.exe.quarantined

DetectionRisk.CoinMiner

MD57074c607215960a79457e8d76990c212

Trojan

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.

FileKMSSS.exe

DetectionHack.KMS

MD5144cf3238e59f210646bdc6dd2ba631f

File1.exe

DetectionTrojan.CoinMiner

MD5b3f804bc737b0b59f1e0188964908041

Filekeygen.exe

DetectionGeneral Threat

MD52636801a85d56cf5c8ed6d3d08827571

FileMain.exe

DetectionTrojan.Gen

MD5a7a82952b1b3181f4897bd5f3d8d96ec

Ransomware

Prioritize isolation and backup checks when this class appears on an endpoint.

Filed.exe

DetectionTrojan.Wacatac

MD5784f97b2fe3e5570a9af2b9f7370a23e

FileNew Year Fireplace.scr

DetectionTrojan.Heur!

MD5e0da4d3631ce221d90946dd6af05eeb1

Filerunw.exe

DetectionTrojan.Agent

MD55829c81cf9565b4ebf6c36c17e9161d4

FileBrLogRx64.exe

DetectionRansom.Exp

MD512fe3811706db2c140f79501cc41d00d

Virus

Look for copied or modified executables and scan related files created around the same time.

Filesetup.exe

DetectionVirus.Neshta

MD52c6eab26b683189c9ce7e165a532716a

Filebrew-mii.exe

DetectionVirus.Gen

MD51f2f245bd17174c297b6e1402607ecf1

Filevcredist_x86_05_sp1.exe

DetectionVirus.Neshta

MD5e103a1bc24b46f939f006304b633e158

Filevcredist_x86.exe

DetectionVirus.Neshta

MD52ce976c2bc8ce751d2331633ead0b887

How to use this digest

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.