
WEB MONITOR RAT DOWNLOAD
Five files are malicious loaders that contain an embedded executable. Two of the embedded executables are included in this report.

The embedded executables are a Remote Access Tool (RAT) that provides a vast array of Command and Control (C2) capabilities. These C2 capabilities include the ability to remotely monitor a system's desktop, gain reverse shell access, exfiltrate data, and upload and execute additional payloads.

The remaining file is a heavily encoded Java Server Pages (JSP) application that functions as a malicious webshell. This Java application allows an operator to upload and download files from a target system and control the system via a reverse shell. The malware can also function as a proxy, allowing a remote operator to pivot to other systems.

For a downloadable copy of IOCs, see: MAR-10382580-1.v1.stix.
