S0648Windows

S0648JSS Loader

Platforms
1
ATT&CK
14.1
References
3

Description

[JSS Loader](https://attack.mitre.org/software/S0648) is Remote Access Trojan (RAT) with .NET and C++ variants that has been used by [FIN7](https://attack.mitre.org/groups/G0046) since at least 2020.(Citation: eSentire FIN7 July 2021)(Citation: CrowdStrike Carbon Spider August 2021) Documented platforms: Windows. Attributed to ATT&CK group: FIN7. Catalogued in ATT&CK 14.1. 3 references curated.

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupFIN7g004695%live

References

  1. https://attack.mitre.org/software/S0648
  2. https://www.esentire.com/security-advisories/notorious-cybercrime-gang-fin7-lands-malware-in-law-firm-using-fake-legal-complaint-against-jack-daniels-owner-brown-forman-inc
  3. https://www.crowdstrike.com/blog/carbon-spider-embraces-big-game-hunting-part-1/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
FYAnti
Software
Starloader
Software
P8RAT
Software
PS1
Software
LitePower
Software
hcdLoader
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.