Skacat-- Njrat 0.7d Green Edition 2024.zip -2.1... Fixed Jun 2026

| Aspect | Details | |--------|---------| | | NjRAT (also known as NjRat‑NG , NjRAT‑Lite ) – first seen in 2012, widely distributed by Eastern‑European cyber‑crime groups. | | Current Campaign | The “Green Edition” is being advertised on several Russian‑language forums (e.g., exploit.in , antichat.ru ) and on underground marketplaces as a “premium” build with “enhanced UI”. The ZIP file name ( Skacat-- NjRat 0.7D Green Edition 2024.zip ) references a popular Russian “Skacat” (means “to jump”) malware pack series. | | Operators | Likely an ad‑hoc group of script‑kiddies or low‑tier cyber‑criminals. No direct evidence of nation‑state involvement, but the code base shares many components with older NjRAT versions that have been used in espionage‑oriented campaigns. | | Distribution Vectors | 1. Spam email attachments (ZIP with social‑engineering subject lines). 2. Drive‑by downloads from compromised WordPress sites (malicious JS → ZIP download). 3. Direct sharing on Telegram/Discord channels. | | Target Profile | Primarily Windows 10/11 workstations in Eastern Europe and the Middle East; however, the binary is architecture‑agnostic for x64 Windows, so any organization using unpatched Windows hosts is at risk. |

Sample Name: Skacat-- NjRat 0.7D Green Edition 2024.zip -2.1… File Type: ZIP archive (contains a Windows PE executable) Date of Collection: 2024‑03‑12 (approx.) Analyst: [Redacted] – Malware Research Team Classification: Remote Access Trojan (RAT) – NjRat family, “Green Edition” (v0.7D) Skacat-- NjRat 0.7D Green Edition 2024.zip -2.1...