SYMBOLCOMMON_NAMEaka. SYNONYMS
jar.jrat (Back to overview)

jRAT

aka: Jacksbot
URLhaus      

jRAT, also known as Jacksbot, is a RAT with history, written in Java. It has support for macOS, Linux, Windows and various BSD. It also has functionality to participate in DDoS-attacks as well as to perform click fraud. Note that the Adwind family often is mistakenly labeled as jRAT, because of of a red hering reference to jrat.io.

References
2019-05-20Check PointBen Herzog
@online{herzog:20190520:malware:dac1524, author = {Ben Herzog}, title = {{Malware Against the C Monoculture}}, date = {2019-05-20}, organization = {Check Point}, url = {https://research.checkpoint.com/malware-against-the-c-monoculture/}, language = {English}, urldate = {2019-10-14} } Malware Against the C Monoculture
AdWind jRAT GhostMiner Zebrocy
2016-08Electronic Frontier FoundationEva Galperin, Cooper Quintin, Morgan Marquis-Boire, Claudio Guarnieri
@techreport{galperin:201608:operation:38ba7ff, author = {Eva Galperin and Cooper Quintin and Morgan Marquis-Boire and Claudio Guarnieri}, title = {{Operation Manul}}, date = {2016-08}, institution = {Electronic Frontier Foundation}, url = {https://www.eff.org/files/2018/01/29/operation-manul.pdf}, language = {English}, urldate = {2020-06-08} } Operation Manul
jRAT Bandook
2012-10-30Trend MicroJohanne Demetria
@online{demetria:20121030:jacksbot:8a7230b, author = {Johanne Demetria}, title = {{JACKSBOT Has Some Dirty Tricks up Its Sleeves}}, date = {2012-10-30}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/jacksbot-has-some-dirty-tricks-up-its-sleeves/}, language = {English}, urldate = {2020-01-06} } JACKSBOT Has Some Dirty Tricks up Its Sleeves
jRAT
2012-10-12The Mac Security BlogLysa Myers
@online{myers:20121012:new:33ecff1, author = {Lysa Myers}, title = {{New Multiplatform Backdoor Jacksbot Discovered}}, date = {2012-10-12}, organization = {The Mac Security Blog}, url = {https://www.intego.com/mac-security-blog/new-multiplatform-backdoor-jacksbot-discovered}, language = {English}, urldate = {2020-01-09} } New Multiplatform Backdoor Jacksbot Discovered
jRAT

There is no Yara-Signature yet.