Soft.exe -
: In more recent activity, a related variant named ViperSoftX has been found disguised as cracked software to steal cryptocurrency and system information.
According to analysis from Joe Sandbox and Hybrid Analysis , typical indicators include: : E4272FB1E61D3D995EEA488931E815AF . File Paths : Often found in %TEMP% or on the %DESKTOP% . Soft.exe
Nuclear Exploit Kit (EK), cracked software, or malicious torrents File encryption (Ransomware) or theft of crypto-wallet data Detection High malicious score (100/100) in automated analysis Threat Roundup for August 12 to August 19 : In more recent activity, a related variant
: It is known to inject malicious code into legitimate Windows processes like svchost.exe to operate stealthily in memory. Nuclear Exploit Kit (EK), cracked software, or malicious
: It has been documented as a downloader for Locky ransomware and has appeared in campaigns involving the RagnarLocker threat group.
Excel
Word
PowerPoint
OneNote
Outlook
Access
Publisher
Project
Visio