Summary: 2025/05/08 05:41
First reported date: 2016/12/20
Inquiry period: 2025/04/08 05:41 ~ 2025/05/08 05:41 (1 month), 1 search result
The trend is the same as in the previous period.
Among organizations and companies, Africa is newly observed as well.
Other new keywords are also observed: African Firms Double Trumps.
* Top 3 recent news articles:
ㆍ 2025/04/17 African PE Firms Double Fundraising Before Trump’s Trade War
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
No data.

Attacker & Actors
The status of the attacker or attack group that is becoming an issue.
No data.

Technique
This is an attack technique that is becoming an issue.
No data.

Country & Company
This is a country or company that is an issue.
Keyword | Average | Label |
---|---|---|
Africa | | 1 (100%) |
Threat info
Last 5
SNS
(Total : 0)
No data.
News
(Total : 1)
Total keyword
No | Title | Date |
---|---|---|
1 | African PE Firms Double Fundraising Before Trump’s Trade War - Bloomberg Technology | 2025.04.17 |
Additional information
No | Title | Date |
---|---|---|
1 | New Finance Scheme Discovered Abusing Niche X/Twitter Advertising Loophole - Malware.News | 2025.05.08 |
2 | Green Dot Shares Jump on Report of Private Equity Interest - Bloomberg Technology | 2025.05.08 |
3 | CVE-2024-44236: Remote Code Execution vulnerability in Apple macOS - Malware.News | 2025.05.08 |
4 | 10,000 WordPress Sites Affected by Arbitrary File Read Vulnerability in Eventin WordPress Plugin - Malware.News | 2025.05.08 |
5 | Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2 - Malware.News | 2025.05.08 |
No | Title | Date |
---|---|---|
1 | Three years since the full-scale invasion of Ukraine: Concrete measures supported by Eurojust towards accountability - Eurojust | 2025.02.24 |
2 | ZeroFox to be Taken Private in $350 Million Deal - Securityweek | 2024.02.06 |
3 | PE Firm Francisco Partners to Take Sumo Logic Private in $1.7B Deal - Securityweek | 2023.02.16 |
4 | PE Firm Completes Acquisition of Forcepoint - Securityweek | 2021.01.12 |
5 | PE Firm to Acquire Forcepoint From Raytheon - securityweek.com | 2020.10.27 |
Level | Description |
---|---|
danger | File has been identified by 40 AntiVirus engines on VirusTotal as malicious |
danger | Disables Windows Security features |
watch | Attempts to modify UAC prompt behavior |
watch | Attempts to stop active services |
watch | Created a process named as a common system process |
watch | Creates an Alternate Data Stream (ADS) |
watch | Creates known SpyNet files |
watch | Expresses interest in specific running processes |
watch | Powershell script adds registry entries |
watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
watch | The process powershell.exe wrote an executable file to disk |
watch | Uses Sysinternals tools in order to add additional command line functionality |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a shortcut to an executable file |
notice | Creates a suspicious process |
notice | Creates executable files on the filesystem |
notice | Creates hidden or system file |
notice | Drops a binary and executes it |
notice | Drops an executable to the user AppData folder |
notice | Executes one or more WMI queries |
notice | Executes one or more WMI queries which can be used to identify virtual machines |
notice | Terminates another process |
notice | Uses Windows utilities for basic Windows functionality |
notice | Yara rule detected in process memory |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Collects information to fingerprint the system (MachineGuid |
info | Command line console output was observed |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
info | Tries to locate where the browsers are installed |
info | Uses Windows APIs to generate a cryptographic key |
No data
No | URL | CC | ASN Co | Reporter | Date |
---|---|---|---|---|---|
1 | https://154.197.69.165/System.exe pe | HK | ASLINE LIMITED | abus3reports | 2024.11.03 |
2 | http://176.111.174.140/zcc.exe pe RedLineStealer | | | abus3reports | 2024.11.03 |