Summary: 2025/04/28 18:39
First reported date: 2014/05/13
Inquiry period : 2025/04/21 18:39 ~ 2025/04/28 18:39 (7 days), 5 search results
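The trend is 20% higher than in the previous period.
The Top 5 related keyword that rose compared with the previous period is http.
The attacker Kimsuky is also newly identified.
The organizations and companies DPRK and North Korea are also newly identified.
Other new keywords such as vstAdphpnewpacomlineampwpnaaa, Related, PaloNetworkFilesJL, httpstcoTpRg and same are also identified.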
Trend graph by period
Related keyword cloud
Top 100
# | Trend | Count | Comparison |
---|---|---|---|
1 | http | 5 | ▲ 1 (20%) |
2 | Kimsuky | 1 | ▲ new |
3 | DPRK | 1 | ▲ new |
4 | vstAdphpnewpacomlineampwpnaaa | 1 | ▲ new |
5 | North Korea | 1 | ▲ new |
6 | Related | 1 | ▲ new |
7 | PaloNetworkFilesJL | 1 | ▲ new |
8 | httpstcoTpRg | 1 | ▲ new |
9 | same | 1 | ▲ new |
10 | error | 1 | ▲ new |
11 | Next | 1 | - 0 (0%) |
12 | stage | 1 | - 0 (0%) |
13 | archive | 1 | ▲ new |
14 | Password | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
No data.

Attacker & Actors
The status of the attacker or attack group being issued.
Keyword | Average | Label |
---|---|---|
Kimsuky | | 1 (100%) |

Technique
This is an attack technique that is becoming an issue.
No data.

Country & Company
This is a country or company that is an issue.
Keyword | Average | Label |
---|---|---|
DPRK | | 1 (50%) |
North Korea | | 1 (50%) |
Threat info
Last 5 SNS
(Total : 5)
Total keyword
Kimsuky DPRK North Korea Password
News
(Total : 0)
No data.
Additional information
No | Title | Date |
---|---|---|
1 | 28th April – Threat Intelligence Report - Malware.News | 2025.04.28 |
2 | Navigating Through The Fog - Malware.News | 2025.04.28 |
3 | Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology | 2025.04.28 |
4 | Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News | 2025.04.26 |
5 | Threat Hunting: For what, when, and how? - Malware.News | 2025.04.26 |
No | Title | Date |
---|---|---|
1 | HTTP/3 is everywhere but nowhere - Malware.News | 2025.03.13 |
Level | Description |
---|---|
danger | File has been identified by 33 AntiVirus engines on VirusTotal as malicious |
watch | Attempts to stop active services |
watch | Creates known SpyNet files |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a suspicious process |
notice | Creates executable files on the filesystem |
notice | Drops a binary and executes it |
notice | Drops an executable to the user AppData folder |
notice | Executes one or more WMI queries |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
notice | Uses Windows utilities for basic Windows functionality |
notice | Yara rule detected in process memory |
info | Checks amount of memory in system |
info | Command line console output was observed |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |