TI Mindmap HUB
Threat Intelligence Report

eSentire | Unpacking NetSupport RAT Loaders Delivered via ClickFix

📅 October 28, 2025 📰 www.esentire.com 🔍 1 CVE(s) referenced

Threat actors are increasingly abusing legitimate NetSupport Manager remote administration tools—primarily delivered via the ClickFix social engineering vector—to gain full remote control over victim machines, with multiple distinct threat groups employing sophisticated PowerShell and MSI-based loaders to evade detection and persist within compromised environments.

vendor
CVE-2025-61882

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle