
Threat Group Cards: A Threat Actor Encyclopedia

Tool: Adwind

Names: Adwind, Adwind RAT, Frutas, UnReCoM, Alien Spy, JSocket, JBifrost RAT, Unknown RAT, jConnectPro RAT
Category: Malware
Type: Reconnaissance, Backdoor, Keylogger, Credential stealer, Info stealer, Exfiltration, Miner
Description: (Proofpoint) The AlienSpy RAT is very powerful in the hands of an attacker. Some of the key features supported by the RAT include:

• Collection of system information for fingerprinting and displaying on the attacker’s controller dashboard
• File system, process and registry explorer with ability to view and modify
• Ability to run console commands
• Keylogging to capture user inputs
• Ability to download and execute secondary payloads
• Credential theft from various browser stores
• Ability to spy on victim through screenshots, webcam, microphone
• Ability to RDP (Remote Desktop) to infected clients
• Ability to mine various types of digital currency such as bitcoin, litecoin, dogecoin, etc.
Information: <https://www.proofpoint.com/us/threat-insight/post/You-Dirty-RAT>
<https://unit42.paloaltonetworks.com/the-legend-of-adwind-a-commodity-rat-saga-in-eight-parts/>
<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07195002/KL_AdwindPublicReport_2016.pdf>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/jar.adwind>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:alienspy>

Last change to this tool card: 24 April 2021


All groups using tool Adwind

Changed  Name          Country          Observed

APT groups

         LazyScripter  [Unknown]        2018
         Packrat       [Latin America]  2008

2 groups listed (2 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
