jRAT

Malware Profile Updated 13 days ago
jRAT is a type of malware designed to exploit and damage computer systems. It can infect a system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom.

Symantec first spotted this version of jRAT in early November 2017 and has recently observed a newer version of the cross-platform remote access Trojan (RAT) in the wild. This new version of jRAT includes several new capabilities and target platforms. Its configuration file, config.dat, can be decrypted using the AES key in key.dat. Versions of jRAT use new tricks to evade parsing and detection and to prevent reverse engineering. These new versions of jRAT have been reported to target Windows, Linux, and Mac operating systems, making it a threat to a wide range of devices.

To protect against jRAT, users should avoid downloading suspicious files, opening unknown emails, or clicking on suspicious links. Regularly updating antivirus software can also help detect and remove jRAT infections. Additionally, users should stay informed about the latest threats and security vulnerabilities to ensure they are taking appropriate measures to secure their systems.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the jRAT malware was read from the documents corpus below.
Source | Created At | Title
MITRE | a year ago | Revamped jRAT Uses New Anti-Parsing Techniques