Snort mailing list archives
Re: jRAT
From: Ned Moran <ned () mysterymachine info>
Date: Wed, 10 Jul 2013 07:12:46 -0400
yeah, its been used in an APT campaign to pull down poison ivy. unfortunately, i dont have specific examples that I am able share at this time. -ned On 7/10/13 7:01 AM, James Lay wrote:
On Jul 9, 2013, at 8:12 PM, Ned Moran <ned () mysterymachine info> wrote:is this what you are referring to https://jrat.pro/ ? On 7/9/13 10:00 PM, James Lay wrote:Anyone see info on this? Trying to find samples or screenshots of c&c traffic or SOMETHING to go on. Thanks all. JamesYea….Java Remote Access Tool…seeing references to it the last couple days, but nothing actually showing it in use. James ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!