tRat is a modular delphi remote access trojan from the threat actor TA505. TA505 was previously responsible for Dridex and Locky campaigns.

FORMA Ransomware is a HiddenTear derivative apparently target toward Polish population. It encrypts files using AES and demands ransom in BTC.

CVE-2018-15982 is assigned to an arbitrary code execution. Yet another Adobe Flash 0day exploit. The malicious hackers are using infected documents, particularly Microsoft Word ones. They are packed inside a RAR archive along with a JPG photo. As soon as the archives are opened upon launching of the Microsoft Word document the built-in Flash scripts will extract a malware payload from the photo.

L0rdix, a multipurpose attack tools that appear to in development pahse. Is is currently available for purchase in underground forums, is aimed at infecting Windows-based machines, combines stealing and cryptocurrency mining methods, can avoid malware analysis tools and is designed to be a universal "go-to" tool for attackers.

Katyusha Ransomware encrypts user data with AES, and then requires a 0.5 BTC ransom to return files. An extension is added to the encrypted files: .katyusha