Description
With the wrong tools it will for sure be a week long task to deobfuscate some jrat obfuscation.
Ghidra is an inferior tool for java bytecode analysis. Ghidra has absolutely no focus on java bytecode.
Java bytecode has no direct memory access capabilities, uses a stack and has other limitations; Ghidra's java bytecode support is a very basic thing.
It shall be advised to pick tools from this list: https://github.com/GenericException/SkidSuite
After analysis of the obfuscation used, using decompilers and deobfuscators up to the task (like bytecodeviewer + krakatau),
deobfuscation using the java-deobfuscator linked there is a manageable task, and reversal of the jrat sample shall be a matter of minutes to hours (depending on whether an own transformer for java bytecode has to be written, how complex the obfuscation is, one's own knowledge and experience, etc.).
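The "own transformer" case mentioned above, as an added example that is not part of this issue, of java-deobfuscator, or of any SkidSuite tool: a minimal ASM tree-API transformer that folds the classic string-encryption pattern `LDC "<encoded>"` followed by `INVOKESTATIC Decryptor.decrypt(String)String` into a plain `LDC "<plaintext>"` and drops the call. It assumes the ASM library (`org.ow2.asm:asm` and `asm-tree`) on the classpath; the decryptor owner/name (`a/b/c.a`) and the base64-plus-XOR `decrypt` routine are constructed stand-ins, since the real routine has to be recovered from the decompiled sample and re-implemented (or invoked reflectively from the sample's own jar).

```java
import org.objectweb.asm.ClassReader;
import org.objectweb.asm.ClassWriter;
import org.objectweb.asm.Opcodes;
import org.objectweb.asm.tree.AbstractInsnNode;
import org.objectweb.asm.tree.ClassNode;
import org.objectweb.asm.tree.LdcInsnNode;
import org.objectweb.asm.tree.MethodInsnNode;
import org.objectweb.asm.tree.MethodNode;

import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Base64;

/**
 * Folds   LDC "<encoded>" ; INVOKESTATIC a/b/c.a(Ljava/lang/String;)Ljava/lang/String;
 * into    LDC "<plaintext>"
 * Stack shape is unchanged (one String in, one String out), so existing stack map
 * frames stay valid and no recomputation is needed.
 */
public class StringDecryptTransformer {
    // Assumed identifiers of the sample's decryptor; set these from the decompiled code.
    static final String DECRYPT_OWNER = "a/b/c";
    static final String DECRYPT_NAME = "a";
    static final String DECRYPT_DESC = "(Ljava/lang/String;)Ljava/lang/String;";
    static final int XOR_KEY = 0x5A; // constructed toy key for the stand-in routine

    // Stand-in for the sample's routine: base64-decode, then XOR every byte with XOR_KEY.
    static String decrypt(String encoded) {
        byte[] raw = Base64.getDecoder().decode(encoded);
        for (int i = 0; i < raw.length; i++) raw[i] ^= XOR_KEY;
        return new String(raw, StandardCharsets.UTF_8);
    }

    // Returns the number of call sites folded in the class.
    static int transform(ClassNode cn) {
        int folded = 0;
        for (MethodNode mn : cn.methods) {
            // toArray() snapshots the list so we can mutate it while walking.
            for (AbstractInsnNode insn : mn.instructions.toArray()) {
                if (!(insn instanceof LdcInsnNode)) continue;
                LdcInsnNode ldc = (LdcInsnNode) insn;
                if (!(ldc.cst instanceof String)) continue;
                AbstractInsnNode next = ldc.getNext();
                if (!(next instanceof MethodInsnNode)) continue;
                MethodInsnNode call = (MethodInsnNode) next;
                if (call.getOpcode() != Opcodes.INVOKESTATIC
                        || !call.owner.equals(DECRYPT_OWNER)
                        || !call.name.equals(DECRYPT_NAME)
                        || !call.desc.equals(DECRYPT_DESC)) continue;
                String plain;
                try {
                    plain = decrypt((String) ldc.cst);
                } catch (IllegalArgumentException e) {
                    continue; // constant is not in the expected encoding; leave it alone
                }
                mn.instructions.set(ldc, new LdcInsnNode(plain));
                mn.instructions.remove(call);
                folded++;
            }
        }
        return folded;
    }

    // Usage: java StringDecryptTransformer Obfuscated.class [Out.class]
    public static void main(String[] args) throws Exception {
        Path in = Paths.get(args[0]);
        Path out = Paths.get(args.length > 1 ? args[1] : args[0]);
        ClassNode cn = new ClassNode();
        new ClassReader(Files.readAllBytes(in)).accept(cn, 0);
        int n = transform(cn);
        ClassWriter cw = new ClassWriter(0); // frames untouched, see class comment
        cn.accept(cw);
        Files.write(out, cw.toByteArray());
        System.out.println("folded " + n + " decryption call(s) in " + cn.name);
    }
}
```

Run it per class (or wrap the loop over a jar's entries), then decompile the output with bytecodeviewer to confirm the literals now read as plaintext. If the sample's decryptor keys off its caller (stack-trace or class-name based), the stand-in has to take the calling class and method into account, which is where reading the decompiled routine first pays off.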