ASEC Weekly Malware Statistics (April 11th, 2022 – April 17th, 2022)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from April 11th, 2022 (Monday) to April 17th, 2022 (Sunday). For the main category, info-stealer ranked top with 77.4%, followed by RAT (Remote Administration Tool) with 15.9%, downloader with 5.4%, banking malware with 0.8%, and ransomware with 0.4%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 31%. It is an…

ASEC Weekly Malware Statistics (April 4th, 2022 – April 10th, 2022)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from April 4th, 2022 (Monday) to April 10th, 2022 (Sunday). For the main category, info-stealer ranked top with 74.1%, followed by RAT (Remote Administration Tool) malware with 15%, downloader with 6.2%, ransomware with 2.9%, and banking malware with 1.8%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 27.7%. It is…

[Caution] Virus/XLS Xanpei Infecting Normal Excel Files

The ASEC analysis team has recently discovered the constant distribution of malware strains that spread the infection when Excel file is opened. Besides infecting normal Excel files, they can also perform additional malicious behaviors such as acting as a downloader and performing DNS Spoofing, therefore, users need to take great caution. The common trait of the malware strains is to spread the virus through the VBA (Visual Basic for Applications) codes included in Excel files. Upon opening the infected Excel…

SystemBC Being Used by Various Attackers

SystemBC is a proxy malware that has been used by various attackers for the last few years. While it is recently distributed through SmokeLoader or Emotet, this malware has steadily been used in various ransomware attacks in the past. When an attacker attempts to access a certain address with malicious intent, the system can be used as a passage if the infected system utilizes SystemBC, which acts as a Proxy Bot. Because it can also act as a downloader to…

ASEC Weekly Malware Statistics (March 28th, 2022 – April 3rd, 2022)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from March 28th, 2022 (Monday) to April 3rd, 2022 (Sunday). For the main category, info-stealer ranked top with 69.6%, followed by RAT (Remote Administration Tool) malware with 21.0%, ransomware with 5.1%, downloader with 3.6%, and CoinMiner with 0.7%. Top 1 – AgentTesla AgentTesla ranked first place with 28.3%. It is an info-stealer that leaks user…