JavaRAT
Java-based RAT (Adwind/jRAT lineage). C2 domain b86c11.cc. Steganographic payload embedded in icon.png (Targa format 257x257). Heavy Java obfuscation (Zelix/Allatori). Caesar-shift obfuscation of class/method names. Cross-platform: Windows/Linux/macOS.
Threat Profile
Type: RAT
Programming Language: Java
C2 Protocol: TCP
First Seen: 2023
Targets: Global
Purpose / Capabilities
- Remote Access
C2 Servers 1
| Address | Port | Protocol | Status | Action |
|---|---|---|---|---|
| b86c11.cc | 443 | HTTPS | INACTIVE | |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (1)
JavaRAT malware.jar -- b86c11.cc C2 Domain, Payload Embedded in icon.png Stegano Targa Image, Heavy Zelix Allatori Java Obfuscation, Caesar Shift Obfuscation in Class and Method Names | High
JavaRAT malware.jar, 1.6MB. C2 domain b86c11.cc. Payload embedded in the steganographic Targa image icon.png. Heavy Zelix/Allatori Java obfuscation. Caesar-shift obfuscation of class and method names.