DRaT (e) Server
Copyright © MegaSecurity
By DaRaTTy
Informations
| Author | DaRaTTy |
| Family | DRaT |
| Category | Remote Access |
| Version | DRaT (e) Server |
| Language | Visual C++ |
Additional Information
Server:
dropped files:
c:\WINDOWS\kl.txt size: 0 bytes
c:\WINDOWS\MSDra32.exe size: 16.386 bytes
port: 3627 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MSDra32"
data: C:\WINDOWS\MSDra32.exe
c:\windows\system.ini, [boot] "shell"
old value: Explorer.exe
new value: explorer.exe MSDra32.exe
tested on Windows 98
December 01, 2004If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.