SYMBOLCOMMON_NAMEaka. SYNONYMS
jar.icerat (Back to overview)

IceRat


According to Karsten Hahn, this malware is actually written in JPHP, but can be treated similar to .class files produced by Java. IceRat has been observed to carry out information stealing and mining.

References
2020-12-01GdataKarsten Hahn
IceRat evades antivirus by running PHP on Java VM
IceRat

There is no Yara-Signature yet.