ThreatInfo Detection Digest: May 28, 2026

ThreatInfo research digest

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.

New report links20

Tracked categories5

Primary actionVerify hash

Category overview

Adware4 new reports PUP/PUA4 new reports Trojan4 new reports Ransomware4 new reports Virus4 new reports

Reports worth opening

Adware

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.

FileSnare.dat

DetectionUnder review

MD54613e165c5d983f9ddcfeb80b13752c6

Filemaohawifisvr.exe

DetectionAdware.Kuaiba

MD5993921373facaef60cb9f9e84aab8301

FileGenieCleanService.exe

DetectionAdware.Gen

MD58dd9c4243510ccb45844a6c5fbcc6421

FileMGCommon.dll

DetectionAdware.Gen

MD518d2b2253960f4fcf00b1c4b70ecd258

PUP/PUA

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.

FileIdcSrvStub_x64.dll

DetectionUnder review

MD5d92685007816eeec59d2072c8eab21a8

FileIdcSrvStub.dll

DetectionUnder review

MD5f0c25ed699ad52e411745f64299bb58d

Filevnlgp.exe

DetectionRisk.CoinMiner

MD57074c607215960a79457e8d76990c212

Fileroboot64.exe

DetectionPUP.Systweak

MD5f6f916abec34343ac7902b248cdddb78

Trojan

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.

Filefraps_rus.exe

DetectionTrojan.Gen

MD55a5c0885cf60d6f6f39c5db45e5e1211

Filemovie.exe

DetectionTrojan.Agent

MD5beb94fb30a410fb4c0ea1c67e2c8ed80

FilesIXlNZGO.exe

DetectionTrojan.Kryptik

MD51d92c741bc5b2d34dcd0a0265ab54275

Filecheckupdate.exe

DetectionTrojan.Gen

MD56d9e1356a9c1b5f36698faff9205e34a

Ransomware

Prioritize isolation and backup checks when this class appears on an endpoint.

Filemssecsvc.exe

DetectionRansom.WannaCrypt

MD5478abb44dbba06e87decd2df49f3d986

Filemssecsvc.exe

DetectionTrojan.WannaCrypt

MD53d3b7e106612cc5086ef3e8aff697829

FileAntamediaInternetCaffe5211.exe

DetectionRansom.Exp

MD52345643c490b5fbb5c3b69cfaa5244d7

Filesvchost.exe

DetectionRansom.Wacatac

MD561c33d015983d06570ff7f7300c551e2

Virus

Look for copied or modified executables and scan related files created around the same time.

File#windx11.exe

DetectionWorm.Autorun

MD58c44532840e3e9e2fc10a36e9577f650

Filehlds.exe

DetectionVirus.Jeefo

MD54d397aec174b75baf33a569f82c823e9

FileVC_redist.x86.exe

DetectionVirus.Jeefo

MD5bb75195d7a1c1435c68a7ab7c8901ea2

Filevcredist_x86.exe

DetectionVirus.Neshta

MD50f4a988ae900e590371ec0d8619128b3

How to use this digest

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Category overview

Reports worth opening

Adware

PUP/PUA

Trojan

Ransomware

Virus

How to use this digest

Related