Cyber Threat Trends

Summary: 2025/04/15 18:42

First reported date: 2015/01/23
Inquiry period : 2025/04/14 18:41 ~ 2025/04/15 18:41 (1 days), 1 search results

지난 7일 기간대비 동일한 트렌드를 보이고 있습니다.

njRAT is a remote access trojan. It is one of the most widely accessible RATs on the market that features an abundance of educational information.
Interested attackers can even find tutorials on YouTube.

참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 110개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	njRAT	1	- 0 (0%)
2	C2	1	- 0 (0%)
3	NetWireRC	1	- 0 (0%)
4	c&c	1	- 0 (0%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
njRAT		1 (50%)
NetWireRC		1 (50%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

No data.

Country & Company

This is a country or company that is an issue.

No data.

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 1)

Total keyword

njRAT C2 NetWireRC c&c

No	Title	Date
1	SarlackLab @SarlackLab #njrat #C2 server 18.197.239.109:11862 confirmed 2025-04-14	2025.04.14

News

(Total : 0)

No data.

Additional information

No	Title	Date
1	Closing the Gap: How to Build a Consistent Exposure and Vulnerability Management Workflow - Malware.News	2025.04.15
2	Colleges and Schools Now Top Targets for Online Threat Actors - Malware.News	2025.04.15
3	Trump Revenge Tour Targets Cyber Leaders, Elections - Malware.News	2025.04.15
4	GenAI vulnerabilities fixed only 21% of the time after pentesting - Malware.News	2025.04.15
5	Meta slurps up EU user data for AI training - Malware.News	2025.04.15
View only the last 5

No	Title	Date
1	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
2	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
3	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
4	Blind Eagle: …And Justice for All - Malware.News	2025.03.10
5	Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool - Malware.News	2025.03.05
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	edocument.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File CAB MSOffice File PE32 OS Processor Check OS Name Check DLL	445861c5c25defe38d09ae2135230e4b	58925	2025.04.10
2	ZoomInstallerFull.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	92c3cfc9f25013c5d8f2212fcc04c887	58266	2025.03.24
3	Zoom.ClientSetupv-204827038.ex... njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	4baa06d13429759cd61da9da0738f8aa	58267	2025.03.24
4	Zoom.ClientSetup_v0564.exe njRAT backdoor Gen1 Emotet Generic Malware Malicious Library Antivirus UPX Malicious Packer ASPack PE File MSOffice File CAB PE32 OS Processor Check OS Name Check PE64	8115c820fc40abb9a7d451dd607ba7dc	58270	2025.03.24
5	none.exe njRAT backdoor Generic Malware Malicious Library Antivirus UPX PE File MSOffice File CAB PE32 OS Processor Check OS Name Check DLL	916b2a0e429a3f8ba571f2977281caf7	58177	2025.03.17
View only the last 5

Level	Description
watch	Creates known Upatre files
watch	File has been identified by 19 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	One or more potentially interesting buffers were extracted
notice	Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation
notice	The binary likely contains encrypted or compressed data indicative of a packer
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	One or more processes crashed
info	Queries for the computername
info	The file contains an unknown PE resource name possibly indicative of a packer
info	This executable has a PDB path
info	Uses Windows APIs to generate a cryptographic key

No	Category	URL	CC	ASN Co	Date
1	c2	http://54.169.93.143:10549/	SG	AMAZON-02	2025.04.11
2	c2	http://18.190.63.84:11421/	US	AMAZON-02	2025.04.01
3	c2	http://3.137.60.53:11421/	US	AMAZON-02	2025.04.01
4	c2	http://3.12.245.36:11421/	US	AMAZON-02	2025.04.01
5	c2	http://3.135.250.11:11421/	US	AMAZON-02	2025.04.01
View only the last 5

No	URL	CC	ASN Co	Reporter	Date
1	http://github.com/MommyNikiits/NotTouchingDD/raw/master/Device2.exe njRAT	US	MICROSOFT-CORP-MSN-AS-BLOCK	abus3reports	2025.04.13
2	https://raw.githubusercontent.com/gamingdued123/UeukFI/main/clientside.exe github njRAT	US	FASTLY	Riordz	2025.02.22
3	https://github.com/BARHOM1/brobr/raw/main/WindowsServices.exe github njRAT	US	MICROSOFT-CORP-MSN-AS-BLOCK	Riordz	2025.02.22
4	https://raw.githubusercontent.com/kostyosthesystem/ratnik/refs/heads/main/ratnik.zip github njRAT	US	FASTLY	Riordz	2025.02.22
5	https://raw.githubusercontent.com/Toxicxz/Fnaf-1/refs/heads/main/fuscagame.exe github njRAT	US	FASTLY	Riordz	2025.02.22
View only the last 5

Beta Service, If you select keyword, you can check detailed information.

Cyber Threat Trends

Summary: 2025/04/15 18:42

Trend graph by period

Related keyword cloud

Special keyword group

Malware Type

Attacker & Actors

Technique

Country & Company

Malware Family

Threat info

SNS

News

Additional information

Top10 search keywords

Submissions

Report

Company