ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Adwind

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Adwind

NamesAdwind
Adwind RAT
Frutas
jFrutas
UnReCoM
Alien Spy
AlienSpy
JSocket
Sockrat
jBiFrost
JBifrost RAT
Unknown RAT
jConnectPro RAT
Unrecom
Trojan.Maljava
CategoryMalware
TypeReconnaissance, Backdoor, Keylogger, Credential stealer, Info stealer, Exfiltration, Miner
Description(Proofpoint) The AlienSpy RAT is very powerful in the hands of an attacker. Some of the key features supported by the RAT include:

• Collection of system information for fingerprinting and displaying on the attacker’s controller dashboard
• File system, process and registry explorer with ability to view and modify
• Ability to run console commands
• Keylogging to capture user inputs
• Ability to download and execute secondary payloads
• Credential theft from various browser stores
• Ability to spy on victim through screenshots, webcam, microphone
• Ability to RDP (Remote Desktop) to infected clients
• Ability to mine various type of digital currency such as bitcoin, litecoin, dogecoin etc.
Information<https://www.proofpoint.com/us/threat-insight/post/You-Dirty-RAT>
<https://unit42.paloaltonetworks.com/the-legend-of-adwind-a-commodity-rat-saga-in-eight-parts/>
<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07195002/KL_AdwindPublicReport_2016.pdf>
MITRE ATT&CK<https://attack.mitre.org/software/S0283/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/jar.adwind>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:alienspy>

Last change to this tool card: 30 December 2022

Download this tool card in JSON format

All groups using tool Adwind

ChangedNameCountryObserved

APT groups

 LazyScripter[Unknown]2018 
 Packrat[Latin America]2008 

2 groups listed (2 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents
Telephone +66 (0)2-123-1227
E-mail [email protected]