Theta 2.0

Released 20 years, 1 month ago. October 2004

Copyright © MegaSecurity

By Ghirai


Theta 2.0
Informations
Author Ghirai
Family Theta
Category Remote Access
Version Theta 2.0
Released Date Oct 2004, 20 years, 1 month ago.
Language Assembly
Additional Information
dropped file:
c:\WINNT\system32\theta_server.exe

size: 9.728 bytes
 
port: 51086 TCP 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "theta"
data: theta_server.exe 
	
tested on win2000

Author Information / Description
Theta is basically a 6.4 Kb cmd server. Might seem much for just a cmd server,
but it's so big because of 9* compatibility (I mean injection, read technical details).

What is a cmd server you ask? Well, it's a server, that enables you to have access to another computer's command prompt,
which is often all you need, because from there you can do anything (providing you know basic DOS commands);
you can even download and run a file from the Internet.

Theta 2 key features:
- it's written 100% in assembly (server and server builder), resulting in small file size, low memory print, and high speed.
- it's not bloated by unnecessary features.
- ability to password-protect a server
- reverse connection (for servers installed on systems behind routers/proxys/etc).
- it uses a injection method that isn't very common, so that, once installed, the server can not be removed,
  unlike the standard dll injection techniques you will find in most other RATs.
- the server is highly configurable.
- you can connect to your server from any operating system that supports TCP/IP and has a terminal.

You can also use it as a back door to a back door, in case your other RAT gets detected/removed/whatever.
Theta will make sure you always have access to the box.

Requirements: The package (server and editor) will run without any problems on any 386 and up processor,
with at least Win95, and Winsock 1.1 or higher.

It accepts an unlimited number of clients, and features reverse connection, ICQ and PHP notifications.

What's New in Theta 2 
Theta 2 (compiled in August 2004 - released in October 2004)
added reverse connection
added password protection
changed CGI notification to PHP
improved some error handling and memory leaks
other minor server tweaks

Ghirai

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.