jar.jrat (Back to overview)


aka: Jacksbot

jRAT, also known as Jacksbot, is a RAT with history, written in Java. It has support for macOS, Linux, Windows and various BSD. It also has functionality to participate in DDoS-attacks as well as to perform click fraud. Note that the Adwind family often is mistakenly labeled as jRAT, because of of a red hering reference to

2019-05-20Check PointBen Herzog
@online{herzog:20190520:malware:dac1524, author = {Ben Herzog}, title = {{Malware Against the C Monoculture}}, date = {2019-05-20}, organization = {Check Point}, url = {}, language = {English}, urldate = {2019-10-14} } Malware Against the C Monoculture
AdWind jRAT GhostMiner Zebrocy
2016-08Electronic Frontier FoundationEva Galperin, Cooper Quintin, Morgan Marquis-Boire, Claudio Guarnieri
@techreport{galperin:201608:operation:38ba7ff, author = {Eva Galperin and Cooper Quintin and Morgan Marquis-Boire and Claudio Guarnieri}, title = {{Operation Manul}}, date = {2016-08}, institution = {Electronic Frontier Foundation}, url = {}, language = {English}, urldate = {2020-06-08} } Operation Manul
jRAT Bandook
2012-10-30Trend MicroJohanne Demetria
@online{demetria:20121030:jacksbot:8a7230b, author = {Johanne Demetria}, title = {{JACKSBOT Has Some Dirty Tricks up Its Sleeves}}, date = {2012-10-30}, organization = {Trend Micro}, url = {}, language = {English}, urldate = {2020-01-06} } JACKSBOT Has Some Dirty Tricks up Its Sleeves
2012-10-12The Mac Security BlogLysa Myers
@online{myers:20121012:new:33ecff1, author = {Lysa Myers}, title = {{New Multiplatform Backdoor Jacksbot Discovered}}, date = {2012-10-12}, organization = {The Mac Security Blog}, url = {}, language = {English}, urldate = {2020-01-09} } New Multiplatform Backdoor Jacksbot Discovered

There is no Yara-Signature yet.