Related keyword cloud
Top 100

#   Trend        Count  Comparison
1   SSL          3      ▲ 2 (67%)
2   Corp         3      ▲ new
3   Ekb          1      ▲ new
4   Path         1      ▲ new
5   Limited      1      ▲ new
6   Monni        1      ▲ new
7   Software     1      ▲ new
8   Oy           1      ▲ new
9   Tim          1      ▲ new
10  Instruments  1      ▲ new
11  OSOO         1      ▲ new
Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.


No data.

Attacker & Actors

The attackers or attack groups that are currently becoming an issue.


No data.

Attack technique

This is an attack technique that is becoming an issue.


No data.

Country & Company

This is a country or company that is an issue.


No data.

Additional information

No  Title  Date
1  Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News  2025.04.26
2  Threat Hunting: For what, when, and how? - Malware.News  2025.04.26
3  Detection Engineering Fundamentals: What makes a good alert? - Malware.News  2025.04.26
4  What is the xBOM? - Malware.News  2025.04.26
5  To Catch A Thief | Rubrik - CyberScoop  2025.04.26
No Request Hash(md5) Report No Date
1 %E5%B7%85%E3%82%BD%E5%B3%B0[%E...
Malicious Library Socket Http API ScreenShot HTTP SSL Code injection Internet API KeyLogger AntiDebug AntiVM PE32 PE File
e516566b25ae853edd6aad00854d782a  55388  2024.11.22
2 a.exe
Emotet Generic Malware UPX Malicious Library Admin Tool (Sysinternals etc ...) Malicious Packer Create Service Socket Http API ScreenShot Escalate priviledges PWS HTTP SMTP SSL DNS Internet API persistence KeyLogger AntiDebug AntiVM PE File PE32 MZP Forma
fec6019b90092723b543219410ce71b4  54985  2024.10.21
3 3-1.exe
Generic Malware Malicious Library ASPack UPX Malicious Packer Socket ScreenShot Escalate priviledges PWS SMTP SSL DNS Dynamic Dns Internet API persistence KeyLogger AntiDebug AntiVM DllRegisterServer dll PE File PE32 MZP Format OS Processor Check JPEG For
3482f7d0b7c1a3eeca3874bc9a1397ce  52052  2024.07.29
4 probeDLLnocry-crypted.exe
Generic Malware Malicious Library Malicious Packer Admin Tool (Sysinternals etc ...) UPX Socket ScreenShot Escalate priviledges PWS SMTP SSL DNS Dynamic Dns Internet API persistence KeyLogger AntiDebug AntiVM PE32 PE File MZP Format OS Processor Check
353a3b4d65ce9168817e09d5090b2afa  47855  2024.02.04
5 Notafiscal-gtfbp-10144-PLFNV.e...
PWS[m] Gen1 Downloader task schedule UPX Malicious Library Malicious Packer Antivirus Create Service DGA SSL Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate priviledges persistence
8ddd50069956806ee60f17adef6ec21c  33695  2022.10.12
Level Description
danger Executed a process and injected code into it
watch Allocates execute permission to another process indicative of possible code injection
watch Checks the CPU name from registry
watch Checks the version of Bios
watch Detects the presence of Wine emulator
watch One or more of the buffers contains an embedded PE file
watch Potential code injection by writing to the memory of another process
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice A process attempted to delay the analysis task.
notice Allocates read-write-execute memory (usually to unpack itself)
notice Checks whether any human activity is being performed by constantly checking whether the foreground window changed
notice Foreign language identified in PE resource
notice One or more potentially interesting buffers were extracted
notice Potentially malicious URLs were found in the process memory dump
notice Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation
notice The binary likely contains encrypted or compressed data indicative of a packer
notice Yara rule detected in process memory
info Checks amount of memory in system
info One or more processes crashed
info Queries for the computername
info The executable uses a known packer
info The file contains an unknown PE resource name possibly indicative of a packer
info Tries to locate where the browsers are installed