jRAT
JRAT is a JAVA-based Remote Access Trojan (RAT) that may be compatible with operating systems other than Windows because JAVA applications are cross-platform compatible as long as the targeted host has the JAVA Runtime Environment (JRE) installed. Regardless of this, the primary targets of jRAT’s authors appear to be Windows-based computers.
The first samples of this hacking tool were spotted in 2017, but since then the RAT has undergone several updates that introduced new features and VM-evasion techniques. One of the larger campaigns linked to the use of the jRAT relies on fraudulent emails to get users to download a ‘.jar’ attachment that carries the threat’s payload.
Once the jRAT is initialized, it may use the WMIC service to execute a Windows command that checks for the presence of anti-virus software and firewall configuration. It also drops a secondary ‘.jar’ file to the Windows %TEMP% folder, and ensures that it will be run whenever Windows starts. Last but not least, the jRAT connects to the attackers’ server and transmits basic system details.
The list of features that jRAT boasts is not that impressive, but the threat is still able to violate the privacy of its victims, and collect data:
- Record keystrokes.
- Take screenshots of the desktop and active Windows.
- Use Windows’ voice feature to play an audio message.
- Download and launch files on the compromised host.
- Modify files on the victim’s computer.
- Use the Web camera.
Dealing with the jRAT is an important task since any minute that this malware spends active may end up costing you dearly. Threats of this sort can be easily eradicated with the use of a reputable anti-virus software suite.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to jRAT may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Download SpyHunter's Malware Scanner** See Free Trial offer below. EULA and Privacy/Cookie Policy.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.