ThreatInfo Detection Digest: May 26, 2026

ThreatInfo research digest

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.

New report links20

Tracked categories5

Primary actionVerify hash

Category overview

Adware4 new reports PUP/PUA4 new reports Trojan4 new reports Ransomware4 new reports Virus4 new reports

Reports worth opening

Adware

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.

FileA0429175.dll

DetectionAdware.ELEX

MD5572b72b7266ff5314fdff8c1a254fa5a

FileA0432617.dll

DetectionAdware.ELEX

MD582a4c605006758b33e5fb93b5179ed9e

Filenst7BB0.tmp

DetectionAdware.Gen

MD58dd9c4243510ccb45844a6c5fbcc6421

Filense9718.tmp

DetectionAdware.Gen

MD518d2b2253960f4fcf00b1c4b70ecd258

PUP/PUA

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.

FileHostAppService (1).exe#A8FEBE165DE74CED

DetectionAdware.SweetIM

MD538167772ee150ce235d03c771b5c5701

Fileavformat-54 (1).dll#35A20203E517620E

DetectionAdware.SweetIM

MD5c1889aa8debc30a968394a4e23e1e7de

FilelibEGL (1).dll#94F9830766855466

DetectionAdware.SweetIM

MD5235688032bbaecd1cfbb1464f9941fe1

Fileavutil-51 (1).dll#19A741211475961C

DetectionAdware.SweetIM

MD576ff3f16f03375d439bf1feec51d0dac

Trojan

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.

Filemeteorito.exe

DetectionGeneral Threat

MD5c6b54a1471fd7ae270cc1ee690443143

FileA0029758.EXE

DetectionGeneral Threat

MD5bf4621961fe9765b08349ab5c88cc962

File105044842.exe

DetectionHack.KMS

MD5fe0b79c90bf882a4404de4dff046d331

Filecat.exe

DetectionAdware.ELEX

MD5b29df7d4c1d480e1680ff9a0922f6039

Ransomware

Prioritize isolation and backup checks when this class appears on an endpoint.

Filecheck_windrvr6.exe

DetectionRansom.Exp

MD563b515bebf54f1e9701f1f90f8f11883

FileRecorderHD64.dll

DetectionRansom.Wacatac

MD50fd10af1971a2ad2196ffcd240cf4c12

FileFAHScreensaver.scr

DetectionRansomWin32.Gen

MD5451dabf61a47b9d124a39d6ef29faa46

Filewinboxscan.exe

DetectionRansom.Wacatac

MD5ba8b9279e1468697d6ce6bcbe6c70f0a

Virus

Look for copied or modified executables and scan related files created around the same time.

Filewininst-9.0.exe

DetectionGeneral Threat

MD52908c799d1d7b09b71db729b18bb8ac2

Filewininst-6.0.exe

DetectionVirus.Neshta

MD57e4414943f4e731cb696b60d75906dca

Filewininst-8.0.exe

DetectionVirus.Neshta

MD5ac88ed9b3aab1b45d02d527e91fcfe16

FileAdvanced eBook Processor 2.2.exe

DetectionGeneral Threat

MD587c58afe585b8c571c8e12873bc2d55a

How to use this digest

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.