Cyber Threat Trends

Summary: 2025/04/17 13:19

First reported date: 2015/01/23
Inquiry period : 2025/03/18 13:19 ~ 2025/04/17 13:19 (1 months), 42 search results

전 기간대비 17% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 njRAT NetWireRC C2 c&c DDNS 입니다.
악성코드 유형 RAT Trojan 도 새롭게 확인됩니다.
공격기술 APT 도 새롭게 확인됩니다.
기관 및 기업 France China Taiwan Türkiye Government 도 새롭게 확인됩니다.
기타 Email account target arquivehacksddnsnet teachingintegrateglatplygg 등 신규 키워드도 확인됩니다.

njRAT is a remote access trojan. It is one of the most widely accessible RATs on the market that features an abundance of educational information.
Interested attackers can even find tutorials on YouTube.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 “I sent you an email from your email account,” sextortion scam claims
    ㆍ 2025/04/16 “I sent you an email from your email account,” sextortion scam claims
    ㆍ 2025/03/21 China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 110개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	njRAT	42	▲ 7 (17%)
2	NetWireRC	41	▲ 6 (15%)
3	C2	39	▲ 8 (21%)
4	c&c	39	▲ 6 (15%)
5	Malware	2	▼ -1 (-50%)
6	Victim	2	- 0 (0%)
7	DDNS	2	▲ 1 (50%)
8	France	2	▲ new
9	Email	2	▲ new
10	account	2	▲ new
11	target	2	▲ new
12	arquivehacksddnsnet	1	▲ new
13	teachingintegrateglatplygg	1	▲ new
14	sextortion	1	▲ new
15	Phishing	1	- 0 (0%)
16	scam	1	▲ new
17	getmetglatplygg	1	▲ new
18	Cryptocurrency	1	- 0 (0%)
19	Browser	1	▲ new
20	RAT	1	▲ new
21	Trojan	1	▲ new
22	payment	1	▲ new
23	Password	1	▲ new
24	access	1	▲ new
25	address	1	▲ new
26	overallwhomglatplygg	1	▲ new
27	serveonet	1	▲ new
28	packamberglatplygg	1	▲ new
29	Aquatic	1	▲ new
30	Campaign	1	▼ -2 (-200%)
31	United States	1	- 0 (0%)
32	China	1	▲ new
33	Taiwan	1	▲ new
34	Türkiye	1	▲ new
35	Government	1	▲ new
36	APT	1	▲ new
37	Panda	1	▲ new
38	jajaovhduckdnsorg	1	▲ new
39	place	1	▲ new
40	canfeaturesglatplygg	1	▲ new
41	animalpremiumglatplygg	1	▲ new
42	fuckfrance	1	▲ new
43	hydrat	1	▲ new
44	Cobalt Strike	1	▲ new
45	lakeobservationglatplygg	1	▲ new
46	lesbianstereoglatplygg	1	▲ new
47	own	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
njRAT		42 (49.4%)
NetWireRC		41 (48.2%)
RAT		1 (1.2%)
Trojan		1 (1.2%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Phishing		1 (33.3%)
Campaign		1 (33.3%)
APT		1 (33.3%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
France		2 (28.6%)
United States		1 (14.3%)
China		1 (14.3%)
Taiwan		1 (14.3%)
Türkiye		1 (14.3%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 39)

Total keyword

njRAT c&c NetWireRC C2 DDNS France

No	Title	Date
1	SarlackLab @SarlackLab #njrat #C2 server 18.157.68.73:16744 confirmed 2025-04-16	2025.04.16
2	SarlackLab @SarlackLab #njrat #C2 server 35.158.159.254:14219 confirmed 2025-04-16	2025.04.16
3	SarlackLab @SarlackLab #njrat #C2 server 18.198.77.177:14219 confirmed 2025-04-16	2025.04.16
4	SarlackLab @SarlackLab #njrat #C2 server 18.197.239.109:11862 confirmed 2025-04-14	2025.04.14
5	SarlackLab @SarlackLab #njrat #C2 server 147.185.221.27:33117 teaching-integrate.gl.at.ply.gg confirmed 2025-04-13	2025.04.14

News

(Total : 3)

Total keyword

njRAT target Email Victim NetWireRC Malware Password payment Trojan RAT Browser Cryptocurrency Phishing Taiwan France Campaign United States Cobalt Strike APT China Government Türkiye

No	Title	Date
1	“I sent you an email from your email account,” sextortion scam claims - Malware.News	2025.04.17
2	“I sent you an email from your email account,” sextortion scam claims - Malwarebytes Labs	2025.04.16
3	China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families - The Hacker News	2025.03.21

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
2	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
3	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
4	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
5	Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool - Malware.News	2025.03.05
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	edocument.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File CAB MSOffice File PE32 OS Processor Check OS Name Check DLL	445861c5c25defe38d09ae2135230e4b	58925	2025.04.10
2	ZoomInstallerFull.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	92c3cfc9f25013c5d8f2212fcc04c887	58266	2025.03.24
3	Zoom.ClientSetupv-204827038.ex... njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	4baa06d13429759cd61da9da0738f8aa	58267	2025.03.24
4	Zoom.ClientSetup_v0564.exe njRAT backdoor Gen1 Emotet Generic Malware Malicious Library Antivirus UPX Malicious Packer ASPack PE File MSOffice File CAB PE32 OS Processor Check OS Name Check PE64	8115c820fc40abb9a7d451dd607ba7dc	58270	2025.03.24
5	none.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	916b2a0e429a3f8ba571f2977281caf7	58177	2025.03.17
View only the last 5

Level	Description
watch	Creates known Upatre files
watch	File has been identified by 19 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	One or more potentially interesting buffers were extracted
notice	Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation
notice	The binary likely contains encrypted or compressed data indicative of a packer
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	One or more processes crashed
info	Queries for the computername
info	The file contains an unknown PE resource name possibly indicative of a packer
info	This executable has a PDB path
info	Uses Windows APIs to generate a cryptographic key

No	Category	URL	CC	ASN Co	Date
1	c2	http://54.169.93.143:10549/	SG	AMAZON-02	2025.04.11
2	c2	http://18.190.63.84:11421/	US	AMAZON-02	2025.04.01
3	c2	http://3.137.60.53:11421/	US	AMAZON-02	2025.04.01
4	c2	http://3.12.245.36:11421/	US	AMAZON-02	2025.04.01
5	c2	http://3.135.250.11:11421/	US	AMAZON-02	2025.04.01
View only the last 5

No	URL	CC	ASN Co	Reporter	Date
1	http://github.com/MommyNikiits/NotTouchingDD/raw/master/Device2.exe njRAT	US	MICROSOFT-CORP-MSN-AS-BLOCK	abus3reports	2025.04.13
2	https://raw.githubusercontent.com/gamingdued123/UeukFI/main/clientside.exe github njRAT	US	FASTLY	Riordz	2025.02.22
3	https://github.com/BARHOM1/brobr/raw/main/WindowsServices.exe github njRAT	US	MICROSOFT-CORP-MSN-AS-BLOCK	Riordz	2025.02.22
4	https://raw.githubusercontent.com/kostyosthesystem/ratnik/refs/heads/main/ratnik.zip github njRAT	US	FASTLY	Riordz	2025.02.22
5	https://raw.githubusercontent.com/Toxicxz/Fnaf-1/refs/heads/main/fuscagame.exe github njRAT	US	FASTLY	Riordz	2025.02.22
View only the last 5

Beta Service, If you select keyword, you can check detailed information.