Summary: 2025/04/28 19:53
First reported date: 2007/12/04
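Inquiry period: 2025/04/27 19:53 ~ 2025/04/28 19:53 (1 day), 1 search result
The trend is the same as in the previous 7 days.
Compared with the previous 7 days, the Top 5 related keywords that rose are attack and DDoS.
Among organizations and companies, China is also newly identified.
Other new keywords are also identified: cybersecur, variant, FICORA, largescale.
For reference, 9 malware types in the same group are identified, including PingPull, Prometei and Mirai.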
Top 100
# | Trend | Count | Comparison |
---|---|---|---|
1 | cybersecur | 1 | ▲ new |
2 | variant | 1 | ▲ new |
3 | FICORA | 1 | ▲ new |
4 | Botnet | 1 | - 0 (0%) |
5 | largescale | 1 | ▲ new |
6 | attack | 1 | ▲ 1 (100%) |
7 | DDoS | 1 | ▲ 1 (100%) |
8 | China | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
Keyword | Average | Label |
---|---|---|
Botnet | | 1 (100%) |

Attacker & Actors
The status of attackers or attack groups that are becoming an issue.
No data.

Technique
This is an attack technique that is becoming an issue.
Keyword | Average | Label |
---|---|---|
DDoS | | 1 (100%) |

Country & Company
This is a country or company that is becoming an issue.
Keyword | Average | Label |
---|---|---|
China | | 1 (100%) |
Threat info
Last 5
SNS
(Total : 1)
Total keyword
News
(Total : 0)
No data.
Additional information
No | Title | Date |
---|---|---|
1 | Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News | 2025.04.28 |
2 | 28th April – Threat Intelligence Report - Malware.News | 2025.04.28 |
3 | Navigating Through The Fog - Malware.News | 2025.04.28 |
4 | Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology | 2025.04.28 |
5 | Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News | 2025.04.26 |
No | Title | Date |
---|---|---|
1 | Federal charges filed against alleged SmokeLoader malware operator - Malware.News | 2025.04.21 |
2 | Identifying Device vendors behind connections attempts based on MAC Addresses - Malware.News | 2025.03.27 |
3 | SVC New Stealer on the Horizon - Malware.News | 2025.03.21 |
4 | SVC New Stealer on the Horizon - Malware.News | 2025.03.21 |
5 | Monthly Threat Actor Group Intelligence Report, January 2025 (JPN) - Malware.News | 2025.03.17 |
Level | Description |
---|---|
watch | Communicates with host for which no DNS query was performed |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | An application raised an exception which may be indicative of an exploit crash |
notice | Performs some HTTP requests |
notice | Uses Windows utilities for basic Windows functionality |
notice | Yara rule detected in process memory |
info | One or more processes crashed |
Network | ET POLICY Executable and linking format (ELF) file download |
No | Category | URL | CC | ASN Co | Date |
---|---|---|---|---|---|
1 | c2 | http://f.codingdrunk.cc/ | SG | AS-CHOOPA | 2023.10.06 |
2 | c2 | http://sms.codingdrunk.cc/ | | | 2023.10.06 |
3 | c2 | http://fuckyounigger.8x19.com/ | | | 2023.03.20 |