Trend graph by period
Special keyword group
Top 5
Malware Type
Malware types that are currently an issue.
Keyword | Average | Label |
---|---|---|
Trojan | | 1 (100%) |

Attacker & Actors
Attackers or attack groups that are currently an issue.
No data.

Country & Company
Countries or companies that are currently an issue.
No data.
Threat info
Last 5 SNS
(Total : 1)
Total keyword
Report Malware Campaign Trojan Phishing target
News
(Total : 0)
No data.
Additional information
No | Title | Date |
---|---|---|
1 | Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News | 2025.04.28 |
2 | 28th April – Threat Intelligence Report - Malware.News | 2025.04.28 |
3 | Navigating Through The Fog - Malware.News | 2025.04.28 |
4 | Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology | 2025.04.28 |
5 | Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News | 2025.04.26 |
No | Title | Date |
---|---|---|
1 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
2 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
3 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
4 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
5 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
No | Request | Hash(md5) | Report No | Date |
---|---|---|---|---|
1 | ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data AsyncRAT backdoor | 4ac557f524400a9007c6c8e6912e9e1f | 9472 | 2021.03.22 |
2 | tmt.exe ftp Client info stealer email stealer Win Trojan agentTesla browser Google Chrome User Data Download management AsyncRAT backdoor | c7a6d988c938e4f251cdcd967dc97cfc | 9423 | 2021.03.21 |
3 | xckex.exe ftp Client info stealer email stealer Win Trojan agentTesla browser Google Chrome User Data Download management | 8446eb1134ac6b049b65eead1d545b59 | 9446 | 2021.03.21 |
4 | ftp Client info stealer email stealer Win Trojan agentTesla browser Antivirus Google Chrome User Data AsyncRAT backdoor | 5c2cd6d19381ac5a4a517c2165b29813 | 9470 | 2021.03.21 |
5 | Azorult .NET framework ftp Client info stealer email stealer Win Trojan agentTesla browser Google Chrome User Data Download management | d4b31689b01301f90ce578d418a74231 | 9413 | 2021.03.19 |
Level | Description |
---|---|
danger | Executed a process and injected code into it |
warning | File has been identified by 22 AntiVirus engines on VirusTotal as malicious |
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Attempts to identify installed AV products by installation directory |
watch | Code injection by writing an executable or DLL to the memory of another process |
watch | Detects VirtualBox through the presence of a file |
watch | Detects VMWare through the presence of various files |
watch | Harvests credentials from local email clients |
watch | Harvests credentials from local FTP client softwares |
watch | Harvests information related to installed instant messenger clients |
watch | Installs itself for autorun at Windows startup |
watch | Potential code injection by writing to the memory of another process |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
watch | The process powershell.exe wrote an executable file to disk |
watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection |
notice | A process created a hidden window |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Connects to a Dynamic DNS Domain |
notice | Creates a shortcut to an executable file |
notice | Creates a suspicious process |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Looks up the external IP address |
notice | Moves the original executable to a new location |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | Potentially malicious URLs were found in the process memory dump |
notice | Steals private information from local Internet browsers |
notice | Yara rule detected in process memory |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Command line console output was observed |
info | One or more processes crashed |
info | Queries for the computername |
info | Uses Windows APIs to generate a cryptographic key |
Network | ET INFO DYNAMIC_DNS Query to *.dyndns. Domain |
Network | ET POLICY DynDNS CheckIp External IP Address Server Response |
Network | ET POLICY External IP Lookup - checkip.dyndns.org |
Network | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) |
No data
No | URL | CC | ASN Co | Reporter | Date |
---|---|---|---|---|---|
1 | https://ellctrum.com/532eee12-b94fas8/NordPass-Desktop-x86.exe exe infostealer shadowharvest stealer trojan | BG | SKAT TV Ltd. | ninjacatcher | 2025.04.26 |
2 | https://busvalescloud.b-cdn.net/NordPass-Desktop-x86.msix msix shadowharvest stealer trojan | | | ninjacatcher | 2025.04.23 |
3 | http://usdtupdate.com/usdt/installer.msi infostealer stealer trojan | GB | | ninjacatcher | 2025.04.13 |
4 | http://ellctrum.com/684231568748463651/NordPassSetup.exe exe infostealer shadowharvest signed stealer trojan | RU | OOO MediaSeti | Johns | 2025.04.05 |
5 | https://ellctrum.com/684231568748463651/NordPassSetup.exe infostealer signed stealer trojan | RU | TimeWeb Ltd. | boruch | 2025.04.04 |