Description
[jRAT](https://attack.mitre.org/software/S0283) is a cross-platform, Java-based backdoor originally available for purchase in 2012. Variants of [jRAT](https://attack.mitre.org/software/S0283) have been distributed via a software-as-a-service platform, similar to an online subscription model.(Citation: Kaspersky Adwind Feb 2016) (Citation: jRAT Symantec Aug 2018)
External References
Techniques Used by This Malware
- T1007 — System Service Discovery
- T1016 — System Network Configuration Discovery
- T1021.001 — Remote Desktop Protocol
- T1027 — Obfuscated Files or Information
- T1027.002 — Software Packing
- T1029 — Scheduled Transfer
- T1037.005 — Startup Items
- T1047 — Windows Management Instrumentation
- T1049 — System Network Connections Discovery
- T1056.001 — Keylogging
- T1057 — Process Discovery
- T1059.003 — Windows Command Shell
- T1059.005 — Visual Basic
- T1059.007 — JavaScript
- T1070.004 — File Deletion
- T1082 — System Information Discovery
- T1083 — File and Directory Discovery
- T1090 — Proxy
- T1105 — Ingress Tool Transfer
- T1113 — Screen Capture
- T1115 — Clipboard Data
- T1120 — Peripheral Device Discovery
- T1123 — Audio Capture
- T1125 — Video Capture
- T1518.001 — Security Software Discovery
- T1552.001 — Credentials In Files
- T1552.004 — Private Keys
- T1555.003 — Credentials from Web Browsers