Sotwe logo Sotwe logo

Top Tweets for #NetSupportRat

sans_isc's profile image
SANS.edu Internet Storm Center Verified account @sans_isc
ISC Diary: #SmartApeSG campaign pushes #Remcos #RAT, #NetSupportRAT, #StealC and #SectopRAT (#ArechC https://t.co/g4XR3RCgxi
sans_isc's tweet photo. ISC Diary: #SmartApeSG campaign pushes #Remcos #RAT, #NetSupportRAT, #StealC and #SectopRAT (#ArechC https://t.co/g4XR3RCgxi https://t.co/1QfFCwWsqI
1
14
6
7
2K
neonprimetime's profile image
neonprimetime @neonprimetime
We started with #ClickFix putting #DonutLoader into memory and end with #NetSupportRAT 12 - #NetSupportRAT connects to it's C2 located in #Iran 172[.94[.9[.4 Hope this is helpful to the community! 7 of 7 (end of thread)
neonprimetime's tweet photo. We started with #ClickFix putting #DonutLoader into memory and end with #NetSupportRAT 12 - #NetSupportRAT connects to it's C2 located in #Iran 172[.94[.9[.4 Hope this is helpful to the community! 7 of 7 (end of thread) https://t.co/e5vdGHYSnU
1
6
1
0
343
neonprimetime's profile image
neonprimetime @neonprimetime
10 - Powershell inside MSI downloads a ZIP file from another website hxxps://applicationhost17[.com/downloads/MS-D2DC127D-084C-44D1-8615-6142396987BB[.zip 11 - The ZIP contains #NetSupportRAT https://t.co/iauGJwAD5C 6 of X
neonprimetime's tweet photo. 10 - Powershell inside MSI downloads a ZIP file from another website hxxps://applicationhost17[.com/downloads/MS-D2DC127D-084C-44D1-8615-6142396987BB[.zip 11 - The ZIP contains #NetSupportRAT https://t.co/iauGJwAD5C 6 of X https://t.co/kSwePtgBE0
1
4
1
0
243
neonprimetime's profile image
neonprimetime @neonprimetime
#ClickFix => #DonutLoader => #NetSupportRAT active right now 3/11/2026 step by step 1 - legit website loading malicious content 2 - shows ClickFix popup 3 - copy & paste powershell cmd & run it ... continued ... 1 of X (thread)
neonprimetime's tweet photo. #ClickFix => #DonutLoader => #NetSupportRAT active right now 3/11/2026 step by step 1 - legit website loading malicious content 2 - shows ClickFix popup 3 - copy & paste powershell cmd & run it ... continued ... 1 of X (thread) https://t.co/9LGAomv9h8
4
59
11
31
5K
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
@smica83 All Samples are #NetSupportRat Samples Collection with client32.ini https://t.co/NETLTpLQAV
JAMESWT_WT's tweet photo. @smica83 All Samples are #NetSupportRat Samples Collection with client32.ini https://t.co/NETLTpLQAV https://t.co/1jV8SQubkm
0
4
2
0
1K
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
ac019d44897e15a643de5603d823f016 srvc-clndly[.]com 83[.]217[.]209[.]249 AS215826 Partner Hosting LTD 🇷🇺 #NetSupportRAT @smica83 @JAMESWT_WT
skocherhan's tweet photo. ac019d44897e15a643de5603d823f016 srvc-clndly[.]com 83[.]217[.]209[.]249 AS215826 Partner Hosting LTD 🇷🇺 #NetSupportRAT @smica83 @JAMESWT_WT https://t.co/c2lAQ9Z8iy
1
6
1
0
434
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
mysrvcs[.]com 77[.]90[.]15[.]227 AS215365 Tom Gewiese 🇩🇪 37[.]77[.]150[.]202/fakeurl[.]htm AS198953 Proton66 OOO 🇷🇺 👇 https://t.co/ql1vBMxcQJ #NetSupportRAT @smica83 @JAMESWT_WT @abuse_ch
skocherhan's tweet photo. mysrvcs[.]com 77[.]90[.]15[.]227 AS215365 Tom Gewiese 🇩🇪 37[.]77[.]150[.]202/fakeurl[.]htm AS198953 Proton66 OOO 🇷🇺 👇 https://t.co/ql1vBMxcQJ #NetSupportRAT @smica83 @JAMESWT_WT @abuse_ch https://t.co/mme65HV4R8
smica83's profile image
Szabolcs Schmidt Verified account @smica83
'xrp.ps1' seen from Spain @abuse_ch https://t.co/vectPbQ67g @skocherhan
smica83's tweet photo. 'xrp.ps1' seen from Spain @abuse_ch https://t.co/vectPbQ67g @skocherhan https://t.co/SZhcyOB6Oz
0
5
2
1
865
1
7
1
1
478
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
#NetSupportRat Client32.ini MD5 9e4e8a03031260cc533ebeb2fca575b8 GatewayAddress=relativegoingplanning.]net:443 SecondaryGateway=185.39.19.]96:443 Reference ❇️https://t.co/8Z9wsUhVBk Samples ✅https://t.co/6ezDuzrBMD cc @500mk500
JAMESWT_WT's tweet photo. #NetSupportRat Client32.ini MD5 9e4e8a03031260cc533ebeb2fca575b8 GatewayAddress=relativegoingplanning.]net:443 SecondaryGateway=185.39.19.]96:443 Reference ❇️https://t.co/8Z9wsUhVBk Samples ✅https://t.co/6ezDuzrBMD cc @500mk500 https://t.co/sJ7cvNjieW
1
32
6
5
4K
HackRead's profile image
Hackread.com @HackRead
New JS#SMUGGLER malware campaign delivers #NetSupportRAT through compromised websites – hackers get full remote control of Windows machines. Read: https://t.co/mx0KyZKOJz #JSsmuggler #Malware #Cybersecurity #Windows
2
10
5
3
1K
01ra66it's profile image
Mr.Rabbit Verified account @01ra66it
イラン系Bloody Wolfが中央アジアを標的にJavaドロッパー+Geo-fencingでNetSupport RATを展開。政府・防衛向け長期潜伏狙い。JAR実行制御とNetSupport監査が必須。#BloodyWolf #NetSupportRAT #APT https://t.co/LKlUQJ9pKw
0
2
1
0
522
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
restinoset[.]com badylex[.]com fetrhinospa[.]com nebodune[.]com menuderg[.]com perropa[.]com 88[.]218[.]64[.]49/fakeurl[.]htm AS209309 Oniks LLC 🇷🇺 #NetSupportRAT
skocherhan's tweet photo. restinoset[.]com badylex[.]com fetrhinospa[.]com nebodune[.]com menuderg[.]com perropa[.]com 88[.]218[.]64[.]49/fakeurl[.]htm AS209309 Oniks LLC 🇷🇺 #NetSupportRAT https://t.co/ZGURmbsegX
malwrhunterteam's profile image
MalwareHunterTeam Verified account @malwrhunterteam
Another "approve" related FUD on VT sample: 46ccbfc563eb008029e907807597295b6b4f813eeeebb078e31ff17839154a46 From: https://approveis[.]info/bVfrH7.png 82.118.16[.]207 - seen already, but still only 1 detection on VT... 🤷‍♂️
malwrhunterteam's tweet photo. Another "approve" related FUD on VT sample: 46ccbfc563eb008029e907807597295b6b4f813eeeebb078e31ff17839154a46 From: https://approveis[.]info/bVfrH7.png 82.118.16[.]207 - seen already, but still only 1 detection on VT... 🤷‍♂️ https://t.co/hGQTD2rW0F
1
13
2
3
6K
0
3
0
0
244
01ra66it's profile image
Mr.Rabbit Verified account @01ra66it
新たなClickFix攻撃キャンペーン「EVALUSION」が判明。偽CAPTCHA誘導でユーザにコマンド貼付・実行させ、Amatera StealerとNetSupport RATを配布。クリップボード&クラウド経由手口。ユーザ教育と実行制御強化必須。#ClickFix #Amatera #NetSupportRAT https://t.co/0JvD65Mm5j
0
4
0
0
523
sans_isc's profile image
SANS.edu Internet Storm Center Verified account @sans_isc
ISC diary: #SmartApeSG campaign uses #ClickFix page to push #NetSupportRAT https://t.co/j6EfBYLn5K
sans_isc's tweet photo. ISC diary: #SmartApeSG campaign uses #ClickFix page to push #NetSupportRAT https://t.co/j6EfBYLn5K https://t.co/Ui4AYsAQ1p
0
6
2
0
2K
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
#NetSupportRat 👇 5.181.156.]104:443 Client32.ini👇 47e7c3f9be83c57d7058e194fa411988 👇 https://t.co/emtPFmw76c
1
9
1
1
1K
drb_ra's profile image
C2IntelFeedsBot @drb_ra
(Unverified) NetSupportRAT Found C2: 118[.]174[.]71[.]22:7443 Country: Thailand (AS23969) ASN: TOT-NET TOT Public Company Limited #c2 #NetSupportRAT #unverified
0
2
1
0
142
drb_ra's profile image
C2IntelFeedsBot @drb_ra
(Unverified) NetSupportRAT Found C2: 179[.]95[.]205[.]237:9990 Country: Brazil (AS18881) ASN: TELEFONICA BRASIL S.A #c2 #NetSupportRAT #unverified
0
3
2
0
439
drb_ra's profile image
C2IntelFeedsBot @drb_ra
(Unverified) NetSupportRAT Found C2: 93[.]232[.]103[.]14:82 Country: Germany (AS3320) ASN: DTAG Internet servic... #c2 #NetSupportRAT #unverified
0
3
1
0
590
drb_ra's profile image
C2IntelFeedsBot @drb_ra
(Unverified) NetSupportRAT Found C2: 51[.]34[.]39[.]107:51200 Country: Switzerland (AS16509) ASN: AMAZON-02 #c2 #NetSupportRAT #unverified
1
2
1
0
89
threatquery's profile image
ThreatQuery @threatquery
🚨 New C2 Detected! 🔗 52[.]63[.]111[.]178 ℹ️ ASN: AS16509 ℹ️ ASN Organization: AMAZON-02 📍 Country: AU 📍 City: Sydney 📅 2025-09-07T16:02:00 ℹ️ Type: #cnc - #c2 ℹ️ Family: #NetSupportRAT #ThreatIntelligence #IoCs #Malware
0
2
2
0
647
drb_ra's profile image
C2IntelFeedsBot @drb_ra
(Unverified) NetSupportRAT Found C2: 79[.]241[.]108[.]185:81 Country: Germany (AS3320) ASN: DTAG Internet servic... #c2 #NetSupportRAT #unverified
0
2
2
0
259

Last Seen Hashtags on Sotwe

AssSpread
Seen from United Kingdom
milica
Seen from Netherlands
quicksandfetish
Seen from Thailand
JAV
Seen from Indonesia
お婆ちゃん
Seen from Japan
momtamil
Seen from Brazil
localpashto
Seen from Brazil
허접
Seen from Korea
Teenage video*
Seen from Colombia
통화플
Seen from Korea

Trends for you

1
ariana
Under 10K tweets
2
#StanleyCup
Under 10K tweets
3
Bussi
Under 10K tweets
4
Canes
Under 10K tweets
5
FedEx
Under 10K tweets
6
#NIJIGift_MiniLive
Under 10K tweets
7
Mormons
Under 10K tweets
8
ASML
Under 10K tweets
9
All 20
Under 10K tweets
10
SAFETY NET
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.2M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
109M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.3M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.6M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.8M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.6M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.2M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.4M followers
youtube's profile image
13
YouTube Verified account
@youtube
68.6M followers
imvkohli's profile image
14
Virat Kohli Verified account
@imvkohli
68.6M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
61.1M followers
x's profile image
19
X Verified account
@x
60.9M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
59.9M followers