The Trojan may arrive as a malicious attachment from spam emails.
The Trojan was developed in Java and can be run on multiple operating systems, including:
The Trojan opens a back door on the compromised computer and connects to the following domain:
Note: Backdoor.Jeetrat can be built with a kit and can be configured to access any URL.
The Trojan may perform the following actions:
- Take screenshots
- Visit URLs in the browser
- Access the file system to read, write, or delete files
- Download and execute files
- Run arbitrary commands
- Shutdown the computer
- Logout accounts
- Launch network floods to a remote target
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":