$ analyze-threat PUA:Win32/Puwaders.C!ml
PUA:Win32/Puwaders.C!ml - Windows Defender threat signature analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: PUA:Win32/Puwaders.C!ml
Classification:
  Type: PUA
  Platform: Win32
  Family: Puwaders
  Detection Type: Concrete (known malware family with identified signatures)
  Variant: C (specific signature variant within the malware family)
  Suffix: !ml (identified through machine learning models)
  Confidence: Very High
  False-Positive Risk: Low

Concrete signature match: PUA for 32-bit Windows platform, family Puwaders

Summary:

PUA:Win32/Puwaders.C!ml is a Potentially Unwanted Application (PUA), typically a software bundler or installer that includes other unwanted programs. It installs adware, browser toolbars, or other software without clear user consent, which can lead to unwanted ads, browser hijacking, and decreased system performance.

Severity: Medium

VDM Static Detection: No specific strings found for this threat

Known malware which is associated with this threat:

Remediation Steps:
Use your antivirus software to quarantine and remove the detected files. Review recently installed programs via 'Apps & features' and uninstall any unfamiliar applications. Check all browser extensions and reset browser settings to their defaults to remove any unwanted changes.
=== END REPORT ===
This analysis was last updated on 12/11/2025.