DRaT 1.24
Copyright © MegaSecurity
By DaRaTTy
Informations
| Author | DaRaTTy |
| Family | DRaT |
| Category | Remote Access |
| Version | DRaT 1.24 |
| Language | Visual C++ |
Additional Information
dropped file:
c:\WINDOWS\SHELL32.EXE
size: 77,312 bytes
port: 54379, 48 TCP
startup:
HKEY_CLASSES_ROOT\batfile\shell\open\command "(Default)"
old data: "%1" %*
new data: SHELL32 "%1" %*
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)"
old data: "%1" %*
new data: SHELL32 "%1" %*
tested on Windows XP
November 17, 2005If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.