Backdoor.Ratenjay Description

Backdoor.Ratenjay (njRAT) is a dangerous RAT, or Remote Access Trojan, that is used to take over the victims' computers and control them from a remote location, track on information, or their activities. Backdoor.Ratenjay is especially prevalent in the Middle East. In most cases, RATs like Backdoor.Ratenjay may be associated with botnets, that is, vast networks of infected computers that can be controlled as a group to carry out combined attacks. A botnet is the kind of threat that may be used to accomplish DDoS attacks (Distributed Denial of Service) on specific targets to overwhelm them and make them inaccessible, to issue massive amounts of spam email messages, to launder money, conceal harmful online activities and a variety of other suspicious activities. RATs may be an effective weapon in conflicts and the Middle East is no exception. Backdoor.Ratenjay is the most widely used RAT in countries ranging from North Africa (for example Algeria or Tunisia) to Middle Eastern countries such as Kuwait and Iraq.

Shooing this RAT out of Your Computer

Backdoor.Ratenjay is very similar to the most widely used RATs. Backdoor.Ratenjay may execute malicious code on infected computers, modify the infected computer's settings, track on the victim's activities by taking screenshots or logging keystrokes, access the infected computer's Webcam and a variety of other potentially harmful activities. Malware researchers first detected Backdoor.Ratenjay in June of 2013 and, currently, there are three distinct versions of this threat that are active. In most cases, Backdoor.Ratenjay is distributed using infected USB drives or folders shared on a network.

Why Backdoor.Ratenjay is So Popular in the Middle East

The popularity of Backdoor.Ratenjay in this part of the world is due thanks to two factors. First of all, Backdoor.Ratenjay is developed by hackers in Kuwait, who update Backdoor.Ratenjay regularly and have adapted Backdoor.Ratenjay for use in this region. Secondly, this part of the world is currently undergoing numerous political and social upheavals where hacking and online activism is tremendously important. RATs like Backdoor.Ratenjay are tremendous weapons for both sides of the conflict.

Infected with Backdoor.Ratenjay? Scan Your PC

Download SpyHunter's Spyware Scanner
to Detect Backdoor.Ratenjay
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

Backdoor.Ratenjay creates the following file(s):
# File Name
1 %Temp%\[THREAT FILE NAME].exe
2 %ProgramFiles%\Startup\[RANDOM NAME].exe
3 [THREAT FILE NAME] may be one of the following strings:
4 driver
5 %SystemDrive%\! My Picutre.SCR
6 Trojan
7 %DriveLetter%\! My Picutre.SCR
8 WinRAR
9 adobe

Registry Details

Backdoor.Ratenjay creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[DIGITS AND NUMBERS]" = "\%Temp%\[THREAT FILE NAME]\"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"CleanShutdown" = "0"

Related Posts

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 10 + 8 ?