{"id":110,"date":"2026-05-15T03:27:06","date_gmt":"2026-05-15T03:27:06","guid":{"rendered":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/"},"modified":"2026-05-15T03:27:06","modified_gmt":"2026-05-15T03:27:06","slug":"threatinfo-daily-digest-2026-05-15","status":"publish","type":"post","link":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/","title":{"rendered":"ThreatInfo Detection Digest: May 15, 2026"},"content":{"rendered":"
\n

ThreatInfo research digest<\/p>\n

A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.<\/p>\n

\n
New report links<\/span>20<\/strong><\/div>\n
Tracked categories<\/span>5<\/strong><\/div>\n
Primary action<\/span>Verify hash<\/strong><\/div>\n<\/div>\n<\/section>\n
\n

Category overview<\/h2>\n
Adware<\/strong>4 new reports<\/span><\/a>PUP\/PUA<\/strong>4 new reports<\/span><\/a>Trojan<\/strong>4 new reports<\/span><\/a>Ransomware<\/strong>4 new reports<\/span><\/a>Virus<\/strong>4 new reports<\/span><\/a><\/div>\n<\/section>\n
\n

Reports worth opening<\/h2>\n
\n
\n

Adware<\/h3>\n

Review browser changes, bundled installers, extensions, and unexpected advertising behavior.<\/p>\n<\/div>\n

\n
\n
File<\/span>chrome_IObitDel.dll<\/a><\/div>\n
Detection<\/span>Adware.Shopper<\/strong><\/div>\n
MD5<\/span>c3839ac61ec9f04909dda23e4f1d769b<\/code><\/div>\n<\/div>\n
\n
File<\/span>chrome_child_IObitDel.dll<\/a><\/div>\n
Detection<\/span>Adware.Shopper<\/strong><\/div>\n
MD5<\/span>8967eb8598899bf5dad7ac167e8eda27<\/code><\/div>\n<\/div>\n
\n
File<\/span>chrome_elf_IObitDel.dll<\/a><\/div>\n
Detection<\/span>Adware.Shopper<\/strong><\/div>\n
MD5<\/span>1af18c97c81859d26098300d570d69f9<\/code><\/div>\n<\/div>\n
\n
File<\/span>knsc4710258-ee55-4e33-8655-4972ceac937a.tmpfs<\/a><\/div>\n
Detection<\/span>Adware.ConvertAd<\/strong><\/div>\n
MD5<\/span>29b610e22bdb558437b566c55b4ad0a3<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n

PUP\/PUA<\/h3>\n

Check whether the file came from an installer bundle, optimizer, updater, or optional offer.<\/p>\n<\/div>\n

\n
\n
File<\/span>$RECWO2B.exe<\/a><\/div>\n
Detection<\/span>General Threat<\/strong><\/div>\n
MD5<\/span>4bf9e4d6402010b6428664f6d94ceeb9<\/code><\/div>\n<\/div>\n
\n
File<\/span>ucdrv-x86.sys.del<\/a><\/div>\n
Detection<\/span>Under review<\/strong><\/div>\n
MD5<\/span>8ce04a3499594b3322932585f17f6293<\/code><\/div>\n<\/div>\n
\n
File<\/span>UCBrowser.exe.del<\/a><\/div>\n
Detection<\/span>General Threat<\/strong><\/div>\n
MD5<\/span>164d27c9830ccdf485bbd1701f9e577e<\/code><\/div>\n<\/div>\n
\n
File<\/span>$RM950EF.exe<\/a><\/div>\n
Detection<\/span>PUP.Gen<\/strong><\/div>\n
MD5<\/span>b47834aa24a378fd868230a695984774<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n

Trojan<\/h3>\n

Verify the hash and origin before trusting the filename; trojans often imitate legitimate software.<\/p>\n<\/div>\n

\n
\n
File<\/span>MaxxAudioMeters64.exe<\/a><\/div>\n
Detection<\/span>Under review<\/strong><\/div>\n
MD5<\/span>030b0e978bee347e9a671a7bea4501fe<\/code><\/div>\n<\/div>\n
\n
File<\/span>kmservice.exe<\/a><\/div>\n
Detection<\/span>Trojan.HackKMS<\/strong><\/div>\n
MD5<\/span>9e97011c50db3f6bc6a4b21be5197a1e<\/code><\/div>\n<\/div>\n
\n
File<\/span>A0008667.exe<\/a><\/div>\n
Detection<\/span>Trojan.Agent<\/strong><\/div>\n
MD5<\/span>5d4a433038eebee8950a0ae024cc9997<\/code><\/div>\n<\/div>\n
\n
File<\/span>IObit Driver Booster Pro 4.4.0.512.exe<\/a><\/div>\n
Detection<\/span>Ransom.Wacatac<\/strong><\/div>\n
MD5<\/span>1d95f7c9135fefc44b34ef89a26de425<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n

Ransomware<\/h3>\n

Prioritize isolation and backup checks when this class appears on an endpoint.<\/p>\n<\/div>\n

\n
\n
File<\/span>AlcorMP.exe<\/a><\/div>\n
Detection<\/span>General Threat<\/strong><\/div>\n
MD5<\/span>6aa3d81dcd255b51d9f850f7b246c6c1<\/code><\/div>\n<\/div>\n
\n
File<\/span>WINZIP32.EXE<\/a><\/div>\n
Detection<\/span>Hijack.Explorer<\/strong><\/div>\n
MD5<\/span>0f33994b64d1e030591babe1cb065e75<\/code><\/div>\n<\/div>\n
\n
File<\/span>winzip32.exe<\/a><\/div>\n
Detection<\/span>Trojan.Packed<\/strong><\/div>\n
MD5<\/span>10f94491c0c518e34d01c7edf67242ec<\/code><\/div>\n<\/div>\n
\n
File<\/span>TechToolStore.exe<\/a><\/div>\n
Detection<\/span>PUP.Gen<\/strong><\/div>\n
MD5<\/span>fc443782dc6fa513de4a8f47ffe7d50c<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
\n

Virus<\/h3>\n

Look for copied or modified executables and scan related files created around the same time.<\/p>\n<\/div>\n

\n
\n
File<\/span>vcredist_x86.exe<\/a><\/div>\n
Detection<\/span>Virus.Jeefo<\/strong><\/div>\n
MD5<\/span>0196a4d2d246775c140667bc70db8bb5<\/code><\/div>\n<\/div>\n
\n
File<\/span>vcredist_x86_vs2012_4.exe<\/a><\/div>\n
Detection<\/span>Virus.Jeefo<\/strong><\/div>\n
MD5<\/span>0c655a3e47caf4b73b918c97f25db058<\/code><\/div>\n<\/div>\n
\n
File<\/span>vcredist_x64.exe<\/a><\/div>\n
Detection<\/span>Virus.Jeefo<\/strong><\/div>\n
MD5<\/span>734a0cbb3601e8910985b4d472a4792d<\/code><\/div>\n<\/div>\n
\n
File<\/span>steambackup.exe<\/a><\/div>\n
Detection<\/span>Virus.Jeefo<\/strong><\/div>\n
MD5<\/span>c906de44e37e13c7a31bd68fc8e73c02<\/code><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n
\n

How to use this digest<\/h2>\n

Start with the MD5 hash, not the filename. If the hash or file path matches a system you manage, open the report, review the publisher and detection details, then scan the endpoint with GridinSoft Anti-Malware<\/a>. ThreatInfo reports show whether GridinSoft already detects the file and which detection name is used.<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"

ThreatInfo research digest A concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify … <\/p>\n

Read more<\/a><\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":""},"categories":[50],"tags":[],"yoast_head":"\nThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research<\/title>\n<meta name=\"description\" content=\"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research\" \/>\n<meta property=\"og:description\" content=\"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatInfo Research\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-15T03:27:06+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/threatinfo.net\/articles\/#website\",\"url\":\"https:\/\/threatinfo.net\/articles\/\",\"name\":\"ThreatInfo Research\",\"description\":\"Malware explainers, daily file-report links, hashes, GridinSoft detections, and remediation guidance from ThreatInfo Research\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/threatinfo.net\/articles\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#webpage\",\"url\":\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/\",\"name\":\"ThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research\",\"isPartOf\":{\"@id\":\"https:\/\/threatinfo.net\/articles\/#website\"},\"datePublished\":\"2026-05-15T03:27:06+00:00\",\"dateModified\":\"2026-05-15T03:27:06+00:00\",\"author\":{\"@id\":\"\"},\"description\":\"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.\",\"breadcrumb\":{\"@id\":\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/threatinfo.net\/articles\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ThreatInfo Detection Digest: May 15, 2026\"}]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research","description":"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/","og_locale":"en_US","og_type":"article","og_title":"ThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research","og_description":"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.","og_url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/","og_site_name":"ThreatInfo Research","article_published_time":"2026-05-15T03:27:06+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/threatinfo.net\/articles\/#website","url":"https:\/\/threatinfo.net\/articles\/","name":"ThreatInfo Research","description":"Malware explainers, daily file-report links, hashes, GridinSoft detections, and remediation guidance from ThreatInfo Research","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatinfo.net\/articles\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#webpage","url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/","name":"ThreatInfo Detection Digest: May 15, 2026 - ThreatInfo Research","isPartOf":{"@id":"https:\/\/threatinfo.net\/articles\/#website"},"datePublished":"2026-05-15T03:27:06+00:00","dateModified":"2026-05-15T03:27:06+00:00","author":{"@id":""},"description":"ThreatInfo detection digest with new file reports, malware categories, MD5 hashes, and GridinSoft verdict context.","breadcrumb":{"@id":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-15\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatinfo.net\/articles\/"},{"@type":"ListItem","position":2,"name":"ThreatInfo Detection Digest: May 15, 2026"}]}]}},"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":114,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-17\/","url_meta":{"origin":110,"position":0},"title":"ThreatInfo Detection Digest: May 17, 2026","date":"May 17, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":109,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-14\/","url_meta":{"origin":110,"position":1},"title":"ThreatInfo Detection Digest: May 14, 2026","date":"May 14, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":113,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-16\/","url_meta":{"origin":110,"position":2},"title":"ThreatInfo Detection Digest: May 16, 2026","date":"May 16, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":103,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-13\/","url_meta":{"origin":110,"position":3},"title":"ThreatInfo Detection Digest: May 13, 2026","date":"May 13, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":115,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-18\/","url_meta":{"origin":110,"position":4},"title":"ThreatInfo Detection Digest: May 18, 2026","date":"May 18, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":116,"url":"https:\/\/threatinfo.net\/articles\/threatinfo-daily-digest-2026-05-19\/","url_meta":{"origin":110,"position":5},"title":"ThreatInfo Detection Digest: May 19, 2026","date":"May 19, 2026","format":false,"excerpt":"ThreatInfo research digestA concise set of new file reports that were not used in recent digests. Each entry includes the detection name, MD5 hash, and a direct report link so analysts can verify the exact sample before taking action.New report links20Tracked categories5Primary actionVerify hashCategory overviewAdware4 new reportsPUP\/PUA4 new reportsTrojan4 new\u2026","rel":"","context":"In "Daily Digest"","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/posts\/110"}],"collection":[{"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/comments?post=110"}],"version-history":[{"count":0,"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/posts\/110\/revisions"}],"wp:attachment":[{"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/media?parent=110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/categories?post=110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatinfo.net\/articles\/wp-json\/wp\/v2\/tags?post=110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}