Summary: 2025/04/28 23:54
First reported date: 2010/11/26
Inquiry period : 2025/04/27 23:54 ~ 2025/04/28 23:54 (1 days), 2 search results
지난 7일 기간대비 -50% 낮은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Phishing Campaign RCE Update target 입니다.
기타 WooCommerce fake WordPress 신규 키워드도 확인됩니다.
* 최근 뉴스기사 Top3:
ㆍ 2025/04/28 WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | WooCommerce | 2 | ▲ new |
| 2 | Phishing | 2 | ▲ 2 (100%) |
| 3 | Campaign | 2 | ▲ 1 (50%) |
| 4 | fake | 2 | ▲ new |
| 5 | RCE | 2 | ▲ 2 (100%) |
| 6 | Backdoor | 2 | ▼ -1 (-50%) |
| 7 | Update | 2 | ▲ 1 (50%) |
| 8 | target | 2 | ▲ 1 (50%) |
| 9 | Vulnerability | 1 | - 0 (0%) |
| 10 | WordPress | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
No data.
Attacker & Actors
The status of the attacker or attack group being issued.
No data.
Country & Company
This is a country or company that is an issue.
No data.
Threat info
Last 5SNS
(Total : 1)
Total keyword
Phishing Campaign RCE Backdoor Update target
News
(Total : 1)
Total keyword
Vulnerability Phishing Campaign Update Backdoor WordPress RCE target
| No | Title | Date |
|---|---|---|
| 1 | WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors - The Hacker News | 2025.04.28 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | Employee monitoring app exposes users, leaks 21+ million screenshots - Malware.News | 2025.04.28 |
| 2 | Introducing XSIAM 3.0 - Malware.News | 2025.04.28 |
| 3 | Deploy Bravely with Prisma AIRS - Malware.News | 2025.04.28 |
| 4 | 2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News | 2025.04.28 |
| 5 | Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology | 2025.04.28 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
| 2 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
| 3 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
| 4 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
| 5 | Lessons from Ted Lasso for cybersecurity success - Malware.News | 2025.04.25 |
| View only the last 5 | ||
| No | Request | Hash(md5) | Report No | Date |
|---|---|---|---|---|
| 1 |  PropertyFiles_2025-04-21.exenjRAT backdoor Generic Malware Antivirus Malicious Library UPX PE File CAB OS Name Check MSOffice File PE32 OS Processor Check DLL | b4f9c6f50cc331920c86a36e83e6b9f6 | 59888 | 2025.04.24 |
| 2 |  Explerer.exenjRAT backdoor PE File .NET EXE PE32 | 7c27b7369ddd2a6e528b1103d6c252e3 | 59853 | 2025.04.22 |
| 3 |  njntos.exenjRAT backdoor PE File .NET EXE PE32 | b510120966ae2b95f96e34dffb58f277 | 59854 | 2025.04.22 |
| 4 |  VPN-Installer.exenjRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File CAB PE32 MSOffice File OS Processor Check OS Name Check DLL | 5188e0fd775892a2bdd22429988ab955 | 59727 | 2025.04.21 |
| 5 |  BTC-Flasher.exenjRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File CAB PE32 MSOffice File OS Processor Check OS Name Check DLL | cdc608f2170924fa6849c50369bf0ff9 | 59808 | 2025.04.21 |
| View only the last 5 | ||||
| Level | Description |
|---|---|
| warning | File has been identified by 21 AntiVirus engines on VirusTotal as malicious |
| watch | Creates known Upatre files |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates executable files on the filesystem |
| notice | Drops an executable to the user AppData folder |
| notice | One or more potentially interesting buffers were extracted |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | Resolves a suspicious Top Level Domain (TLD) |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
| info | Uses Windows APIs to generate a cryptographic key |
| Network | ET DNS Query to a *.top domain - Likely Hostile |
No data
| No | URL | CC | ASN Co | Reporter | Date |
|---|---|---|---|---|---|
| 1 | http://188.24.9.96:91/sshd backdoor censys elf sshdkit | RO  | RCS & RDS | DaveLikesMalwre | 2025.04.28 |
| 2 | http://113.184.132.143:8081/sshd backdoor censys elf sshdkit | VN  | VNPT Corp | DaveLikesMalwre | 2025.04.28 |
| 3 | http://178.50.172.63:9301/sshd backdoor censys elf sshdkit | BE  | Orange Belgium SA | DaveLikesMalwre | 2025.04.28 |
| 4 | http://14.254.123.102/sshd backdoor censys elf sshdkit | VN | VNPT Corp | DaveLikesMalwre | 2025.04.28 |
| 5 | http://83.224.148.123/sshd backdoor censys elf sshdkit | IT  | Vodafone Italia S.p.A. | DaveLikesMalwre | 2025.04.28 |
| View only the last 5 | |||||
Beta Service, If you select keyword, you can check detailed information.