Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
This is a backdoor builder written in Java. It has been seen as a free download in underground forums. This opens a possibility that malicious users may use this tool to create a connect-back client .JAR file on the infected computer.
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.
This is a backdoor remote access tool (RAT) builder written in Java. It is capable of creating a client .JAR file to allow attackers to control a system.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
This is a backdoor remote access tool (RAT) builder written in Java.
It is capable of creating a client .JAR file to allow attackers to control a system. It may execute the following commands to an infected system:
It contains an option to kill the following specific anti-malware related processes:
It also contains an option to encrypt its class files and install plug-ins. It has the option to set an autostart registry or scheduled task to enable automatic execution every system startup.
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Identify and terminate files detected as JAVA_PRUTRATS.A
To terminate the malware/grayware/spyware process:
Scan your computer with your Trend Micro product to delete files detected as JAVA_PRUTRATS.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Connect with us on
| | | |