JSPRAT

Description

(Mandiant) The usage of JSPRAT by FIN13 allows the actor to achieve local command execution, upload/download files, and proxy network traffic for additional pivoting during later stages of the intrusion. FIN13 has also historically used publicly available web shells coded in various languages including PHP, C# (ASP.NET), and Java.

Names

Name
JSPRAT

Type

Backdoor

Information

https://www.mandiant.com/resources/fin13-cybercriminal-mexico
https://www.secureworks.com/research/analysis-of-dhs-nccic-indicators

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/js.jsprat

Other Information

Uuid

cfa7d417-e5be-4f88-9503-57995761abd3

Last Card Change

2021-12-28

Threat Intelligence Garden

Explorer

JSPRAT

JSPRAT

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks