[Snort-sigs] jRAT

Ned Moran ned at ...3764...
Wed Jul 10 07:12:46 EDT 2013


yeah, its been used in an APT campaign to pull down poison ivy.
unfortunately, i dont have specific examples that I am able share at
this time.

-ned

On 7/10/13 7:01 AM, James Lay wrote:
> On Jul 9, 2013, at 8:12 PM, Ned Moran <ned at ...3764...> wrote:
>
>> is this what you are referring to https://jrat.pro/ ?
>>
>> On 7/9/13 10:00 PM, James Lay wrote:
>>> Anyone see info on this?  Trying to find samples or screenshots of c&c traffic or SOMETHING to go on.  Thanks all.
>>>
>>> James
> Yea….Java Remote Access Tool…seeing references to it the last couple days, but nothing actually showing it in use.
>
> James
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
> http://www.snort.org
>
>
> Please visit http://blog.snort.org for the latest news about Snort!





More information about the Snort-sigs mailing list