
Cybercrime: Adwind RAT spreads via fake invoice emails sent through SendGrid

Adwind RAT is spreading via fake invoice emails sent through SendGrid. The xlsb attachment downloads a PowerShell script, which retrieves a zip archive. Inside is the malware (also known as Java RAT or jRAT).

Adwind/Java RAT (jRAT) has been spread by cybercriminals through fake invoice emails sent via SendGrid. It was discovered by Abuse.ch cybersecurity experts. The attachment, an xlsb file, downloads a PowerShell script, as the malware hunter JAMESWT detected. The script retrieves a .zip archive containing the malware and its components. The Java RAT is designed to steal passwords, access files, log keystrokes and capture the screen. Moreover, Adwind RAT is distributed openly as a paid service, where the “customer” pays a fee in return for use of the malicious program.
