Summary: 2025/04/29 00:29

First reported date: 2016/08/05
Inquiry period: 2025/03/30 00:29 ~ 2025/04/29 00:29 (1 month), 27 search results

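The trend is 52% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are Remcos, NetWireRC, Malware, RAT and Phishing.
The malware types Xloader, RATel, RemcosRAT, Trojan, DYEPACK, Vidar and Stealc are also newly observed.
The attack technique hacking is also newly observed.
The organizations and companies Ukraine, AhnLab and Palo Alto Networks are also newly observed.
Other new keywords such as multistage, neconyd, Java, Shadows and Brute Ratel C4 are also observed.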

Remcos is a RAT-type malware that attackers use to perform actions on infected machines remotely. This malware is very actively kept up to date, with updates coming out almost every single month.

 * Top 3 recent news articles:
    ㆍ 2025/04/18 Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
    ㆍ 2025/04/18 Threat Actors Leverage Cascading Shadows Attack Chain to Evade Detection and Hinder Analysis
    ㆍ 2025/04/17 Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis


For reference, 112 malware types in the same group are identified, including Remcos, njRAT and QuasarRAT.

Trend graph by period


Related keyword cloud
Top 100

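| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | Remcos | 27 | ▲ 14 (52%) |
| 2 | NetWireRC | 16 | ▲ 10 (63%) |
| 3 | Malware | 14 | ▲ 6 (43%) |
| 4 | RAT | 12 | ▲ 11 (92%) |
| 5 | Phishing | 11 | ▲ 4 (36%) |
| 6 | Campaign | 11 | ▲ 1 (9%) |
| 7 | Xloader | 9 | ▲ new |
| 8 | Advertising | 7 | ▲ 3 (43%) |
| 9 | powershell | 6 | ▲ 1 (17%) |
| 10 | Russia | 6 | ▲ 3 (50%) |
| 11 | Kaspersky | 6 | ▲ 3 (50%) |
| 12 | attack | 5 | ▲ 4 (80%) |
| 13 | last | 5 | ▲ 3 (60%) |
| 14 | Amadey | 5 | ▲ 4 (80%) |
| 15 | AsyncRAT | 5 | - 0 (0%) |
| 16 | snake | 5 | ▲ 3 (60%) |
| 17 | tofsee | 5 | ▲ 3 (60%) |
| 18 | Lumma | 5 | ▲ 3 (60%) |
| 19 | XWorm | 5 | ▲ 3 (60%) |
| 20 | AgentTesla | 5 | ▲ 1 (20%) |
| 21 | Top | 5 | ▲ 3 (60%) |
| 22 | Ucraina | 5 | ▲ 2 (40%) |
| 23 | Email | 4 | ▲ 2 (50%) |
| 24 | target | 4 | ▲ 1 (25%) |
| 25 | Gamaredon | 4 | ▲ 2 (50%) |
| 26 | multistage | 4 | ▲ new |
| 27 | Raccoon | 3 | ▲ 2 (67%) |
| 28 | Ukraine | 3 | ▲ new |
| 29 | United States | 3 | ▼ -1 (-33%) |
| 30 | RATel | 3 | ▲ new |
| 31 | Microsoft | 3 | ▼ -1 (-33%) |
| 32 | neconyd | 3 | ▲ new |
| 33 | Report | 3 | ▼ -3 (-100%) |
| 34 | Cisco | 2 | - 0 (0%) |
| 35 | Java | 2 | ▲ new |
| 36 | Shadows | 2 | ▲ new |
| 37 | Brute Ratel C4 | 2 | ▲ new |
| 38 | AhnLab | 2 | ▲ new |
| 39 | Threat | 2 | ▲ new |
| 40 | Distribution | 2 | ▼ -1 (-50%) |
| 41 | Agent | 2 | ▲ new |
| 42 | quasar | 2 | ▲ 1 (50%) |
| 43 | FormBook | 2 | ▼ -1 (-50%) |
| 44 | abusech | 2 | ▲ new |
| 45 | Low | 2 | ▲ new |
| 46 | RemcosRAT | 2 | ▲ new |
| 47 | IoC | 2 | ▼ -3 (-150%) |
| 48 | Trojan | 2 | ▲ new |
| 49 | recent | 2 | ▲ new |
| 50 | Tesla | 2 | ▲ new |
| 51 | intelligence | 2 | ▲ new |
| 52 | Germany | 2 | ▲ 1 (50%) |
| 53 | hacking | 2 | ▲ new |
| 54 | securityaffairs | 2 | ▲ new |
| 55 | Palo Alto Networks | 2 | ▲ new |
| 56 | Downloader | 2 | ▲ 1 (50%) |
| 57 | sality | 1 | ▲ new |
| 58 | DCRat | 1 | ▼ -2 (-200%) |
| 59 | httpstcoP | 1 | ▲ new |
| 60 | Cascading | 1 | ▲ new |
| 61 | Education | 1 | ▲ new |
| 62 | Windows | 1 | ▼ -1 (-100%) |
| 63 | complex | 1 | ▲ new |
| 64 | simple | 1 | ▲ new |
| 65 | Linux | 1 | ▲ new |
| 66 | httpstcouvC | 1 | ▲ new |
| 67 | Leverage | 1 | ▲ new |
| 68 | analysis | 1 | ▲ new |
| 69 | Palo | 1 | ▲ new |
| 70 | utilizes | 1 | ▲ new |
| 71 | VBS | 1 | ▲ new |
| 72 | detection | 1 | ▲ new |
| 73 | past | 1 | ▲ new |
| 74 | httpstcoPoOiqUwJjt | 1 | ▲ new |
| 75 | delivery | 1 | ▲ new |
| 76 | Khanzada | 1 | ▲ new |
| 77 | Saqib | 1 | ▲ new |
| 78 | Chain | 1 | ▲ new |
| 79 | Approach | 1 | ▲ new |
| 80 | Avoid | 1 | ▲ new |
| 81 | Altos | 1 | ▲ new |
| 82 | Stealer | 1 | ▼ -1 (-100%) |
| 83 | taxseason | 1 | ▲ new |
| 84 | DYEPACK | 1 | ▲ new |
| 85 | Vidar | 1 | ▲ new |
| 86 | RaccoonO | 1 | ▲ new |
| 87 | Waybill | 1 | ▲ new |
| 88 | Major | 1 | ▲ new |
| 89 | Backdoor | 1 | ▼ -4 (-400%) |
| 90 | Venere | 1 | ▲ new |
| 91 | Guilherme | 1 | ▲ new |
| 92 | Taloss | 1 | ▲ new |
| 93 | Stealc | 1 | ▲ new |
| 94 | PhaaS | 1 | ▲ new |
| 95 | Russialinked | 1 | ▲ new |
| 96 | TalosSecurity | 1 | ▲ new |
| 97 | Uses | 1 | ▲ new |
| 98 | docs | 1 | ▲ new |
| 99 | war | 1 | ▲ new |
| 100 | fake | 1 | ▲ new |
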
Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Remcos: 27 (24.3%)
NetWireRC: 16 (14.4%)
RAT: 12 (10.8%)
Xloader: 9 (8.1%)
Amadey: 5 (4.5%)

Attacker & Actors

The attackers or attack groups that are becoming an issue.

Keyword Average Label
Gamaredon: 4 (100%)

Attack technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Phishing: 11 (39.3%)
Campaign: 11 (39.3%)
hacking: 2 (7.1%)
Downloader: 2 (7.1%)
Stealer: 1 (3.6%)

Country & Company

These are the countries or companies that are becoming an issue.

Keyword Average Label
Russia: 6 (17.1%)
Kaspersky: 6 (17.1%)
Ucraina: 5 (14.3%)
Ukraine: 3 (8.6%)
United States: 3 (8.6%)

Malware Family
Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info
Last 5

SNS

(Total : 19)
  Total keyword

Remcos NetWireRC Malware RAT Phishing Advertising Xloader Lumma XWorm Amadey AgentTesla Russia Campaign AsyncRAT Kaspersky Ucraina target Gamaredon powershell attack Ukraine Email RATel hacking Attacker RemcosRAT Report VBS Palo Alto Networks DCRat FormBook IoC Trojan Stealc Vidar Downloader Cisco Backdoor Germany Password GuLoader Raccoon Brute Ratel C4 Microsoft US DocuSign United States VBScript

| No | Title | Date |
|---|---|---|
| 1 | ANY.RUN @anyrun_app: Top 10 last week's threats by uploads ⬇️ #Lumma 569 (1077) ⬆️ #Tofsee 363 (263) ⬇️ #Xworm 309 (1099) ⬇️ #Asyncrat 290 (395) ⬆️ #Neconyd 283 (169) ⬇️ #Snake 254 (379) ⬇️ #Remcos 232 (566) ⬇️ #Amadey 156 (380) ⬆️ #Formbook 134 (78) ⬇️ #Agenttesla 114 (271) Track them all: https://t.co/8l4AJmdDCa | 2025.04.28 |
| 2 | Szabolcs Schmidt @smica83: Low detected #RemcosRAT VBS @abuse_ch https://t.co/PoOiqUwJjt https://t.co/pfcM1xjyZt | 2025.04.28 |
| 3 | Konstantin Nikolenko @K_N1kolenko: #Remcos #ioc 62.60.226.21:40106 62.60.226.139:30303 | 2025.04.25 |
| 4 | ANY.RUN @anyrun_app: Top 10 last week's threats by uploads ⬇️ #Lumma 592 (644) ⬇️ #Snake 306 (513) ⬇️ #Xworm 281 (341) ⬇️ #Asyncrat 277 (303) ⬆️ #Tofsee 264 (194) ⬆️ #Remcos 240 (203) ⬇️ #Agenttesla 195 (326) ⬆️ #Neconyd 169 (154) ⬆️ #Amadey 108 (95) ⬆️ #Quasar 91 (82) Track them all: https://t.co/D9Hy7N9Wuh | 2025.04.21 |
| 5 | Cyber_OSINT @Cyber_O51NT: A recent multi-stage malware attack utilizes .JSE and PowerShell to deliver Agent Tesla, Remcos RAT, and XLoader, as noted by Palo Alto Networks' Saqib Khanzada, who highlights attackers' tactics to evade detection and ensure payload execution. https://t.co/i7vn5wZL9L | 2025.04.18 |

Additional information

| No | Category | URL | CC | ASN Co | Date |
|---|---|---|---|---|---|
| 1 | c2 | http://www.sangrodrinkinbottleporto.xyz/ | | | 2025.04.21 |
| 2 | c2 | http://160.30.192.52:2404/ | | | 2025.04.14 |
| 3 | c2 | http://001remsw.ydns.eu/ | RO | Tennet Telecom Srl | 2025.04.11 |
| 4 | c2 | http://remsw.ydns.eu/ | | | 2025.04.11 |
| 5 | c2 | http://103.28.89.34:10101/ | HK | Amarutu Technology Ltd | 2025.03.31 |

| No | URL | Tags | CC | ASN Co | Reporter | Date |
|---|---|---|---|---|---|---|
| 1 | https://paste.ee/r/tFMXEhUq/0 | remcos | | | DaveLikesMalwre | 2025.04.10 |
| 2 | https://bitbucket.org/jorge2514/george/downloads/sosteff2025.txt | base64 bitbucket Encoded remcos RemcosRAT rev-base64-loader | US | ATLASSIAN PTY LTD | DaveLikesMalwre | 2025.04.10 |
| 3 | http://62.60.226.112/file/3601_2042.exe | remcos | IR | ASLINE LIMITED | skocherhan | 2025.02.28 |
| 4 | https://raw.githubusercontent.com/Oscarito20222/diciembre/refs/heads/main/sena.exe | remcos RemcosRAT | US | FASTLY | skocherhan | 2025.02.28 |
| 5 | https://github.com/Oscarito20222/diciembre/raw/refs/heads/main/sena.exe | github remcos RemcosRAT | US | MICROSOFT-CORP-MSN-AS-BLOCK | skocherhan | 2025.02.28 |