Cyber Threat Trends

Summary: 2025/04/17 15:50

First reported date: 2023/09/20
Inquiry period : 2025/03/18 15:50 ~ 2025/04/17 15:50 (1 months), 5 search results

전 기간대비 60% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 ValleyRAT 입니다.
악성코드 유형 Trojan 도 새롭게 확인됩니다.
기관 및 기업 China Chinese 도 새롭게 확인됩니다.
기타 Samples iocs httpstcobJ OneDriveSetupexe evasion 등 신규 키워드도 확인됩니다.

참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 110개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	ValleyRAT	5	▲ 3 (60%)
2	Samples	2	▲ new
3	NetWireRC	2	- 0 (0%)
4	iocs	1	▲ new
5	httpstcobJ	1	▲ new
6	OneDriveSetupexe	1	▲ new
7	IoC	1	- 0 (0%)
8	Campaign	1	- 0 (0%)
9	China	1	▲ new
10	Chinese	1	▲ new
11	evasion	1	▲ new
12	advanced	1	▲ new
13	silverfox	1	▲ new
14	Phishing	1	- 0 (0%)
15	Related	1	▲ new
16	Trojan	1	▲ new
17	c&c	1	▲ new
18	C2	1	▲ new
19	Update	1	- 0 (0%)
20	Colllection	1	▲ new
21	httpstcoESY	1	▲ new
22	httpstco	1	▲ new
23	JAMESWTWT	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
ValleyRAT		5 (62.5%)
NetWireRC		2 (25%)
Trojan		1 (12.5%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		1 (50%)
Phishing		1 (50%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
China		1 (50%)
Chinese		1 (50%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 4)

Total keyword

ValleyRAT NetWireRC iocs IoC Campaign China Chinese Phishing Trojan c&c C2 Update

No	Title	Date
1	Szabolcs Schmidt @smica83 OneDriveSetup.exe (ValleyRAT) @abuse_ch https://t.co/bJ3Z9R3g1U @JAMESWT_WT https://t.co/YOQWN6Hx11	2025.04.13
2	ANY.RUN @anyrun_app ???? #ValleyRAT is a #trojan with advanced evasion capabilities It is widely used by the Chinese #SilverFox APT group in #phishing campaigns Learn more, collect #IOCs and samples: https://t.co/6DesfAwmMY https://t.co/uQ8TraF3T2	2025.04.07
3	JAMESWT @JAMESWT_MHT #ValleyRAT ✅Samples Colllection update with C2 tags ???????????????? https://t.co/BCuSKKSm8m https://t.co/8RMVpDwUyG	2025.03.29
4	JAMESWT @JAMESWT_MHT Related #ValleyRAT Samples ???? https://t.co/UlCgJIBfVy https://t.co/4oC8LCJaPy https://t.co/ESY7JPeHFt	2025.03.27

News

(Total : 1)

Total keyword

ValleyRAT

No	Title	Date
1	ValleyRAT - ANY.RUN / ANY.RUN / malpedia	2025.04.07

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking - The Hacker News	2025.02.06
2	정교한 사이버 공격…PNGPlug 로더로 ValleyRAT 유포중 - 데일리시큐	2025.01.21
3	Threat Bulletin: Weaponized Software Targets Chinese-Speaking Organizations - Malware.News	2025.01.17
4	Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics - The Hacker News	2024.08.16
5	China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics - The Hacker News	2024.06.11
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://pub-b978efeee5f74796b091da96ca739efb.r2.dev/cheon_H4.03-X64.exe ValleyRAT winos			aachum	2025.04.04
2	https://anizom.com/Setup.zip ValleyRAT	US	CLOUDFLARENET	lontze7	2025.02.05
3	http://124.156.117.13/1.exe donutloader ValleyRAT	HK	...	lontze7	2024.12.31
4	http://206.238.198.133/1.exe exe ValleyRAT	US	COGENT-174	abuse_ch	2024.12.26
5	http://154.198.49.151/22.exe exe malware trojan ValleyRAT	US	IKGUL-26484	Joker	2024.12.25
View only the last 5

Beta Service, If you select keyword, you can check detailed information.