"njRAT" Uncovered
Revision as of 18:07, 30 July 2015 by Eric.freyssinet (talk | contribs) (Created page with "{{Publication |Botnet=NjRAT, |Group=RAT, |Year=2013 |Date=2013-06-27 |Editor=Fidelis cybersecurity |Link=http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-u...")
(Publication) Google search: [1]
| "njRAT" Uncovered | |
|---|---|
| Botnet | NjRAT |
| Malware | |
| Botnet/malware group | RAT |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-06-27 |
| Editor/Conference | Fidelis cybersecurity |
| Link | http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-uncovered.html (Archive copy) |
| Author | Fidelis |
| Type | White paper |
Abstract
“ In the past thirty days (30) an increase attack activity has been observed using the "njRAT" malware. This remote access trojan (RAT) has capabilities to log keystrokes, access the victim's camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim's desktop, perform process, file, and registry manipulations, and capabilities to let the attacker update, uninstall, restart, close, disconnect the RAT and rename its campaign ID. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread through USB drives.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1863,
editor = {Fidelis cybersecurity},
author = {Fidelis},
title = {"njRAT" Uncovered},
date = {27},
month = Jun,
year = {2013},
howpublished = {\url{http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-uncovered.html}},
}