X RAT (e)

Released 20 years ago. November 2004

Copyright © MegaSecurity

By XSystem


Informations
From Russia
Author XSystem
Family X RAT
Category Remote Access
Version X RAT (e)
Released Date Nov 2004, 20 years ago.
Additional Information
dropped file:
c:\WINDOWS\system32\Rat.exe
size: 43,182 bytes 

port: 20888 TCP

added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_X-RAT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X-Rat
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_X-RAT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\X-Rat



tested on Windows XP
January 05, 2005

Author Information / Description
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Backdoor is written for education purposes only!
Author doesn't take any responsibilities for using "X-Rat".

if you dont agree with this message, please remove this backdoor right now!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

1. Configuration

  Use "X-Rat -setup" enter config mode, you can set:
  
* 1.Set listen port
  2.Set access password
  3.Set edit server password
  4.Set login banner
  5.Set service name
  6.Set service display name
  7.Set EXE filename
* 8.Set Direct reverse onnection
* 9.Set HTTP path for reverse connection
  10.View config information

  11.Help
  0.Complete

  ps: the option with "*" blackball each other, only 1 will active.

2. Starting

X-Rat -once - run without installation
X-Rat -install - install and run
X-Rat.exe - default install and run
X-Rat -remove / -debug / -update NOT WORKING RIGHT NOW....
X-Rat -connect ip [port] - connect to host.. if not using X-Rat as client then you will not be able to use File transfeer
X-Rat -listen [port] - listen on port, wait for reverse connection

use help command when connected to get list of commands

addon:
not included but working commands is

ftpserver/ftpd directory port | eg: ftpd c: 81
httpproxy port | eg: httpproxy 3333
redir localport remote_ip remote_port | eg redir 333 microsoft.com 80
lsvc [DRIVERS]

ADDED!
klog [file] - keylogger
ddos IP port delay times maxsockets (use random port 1 or 0) (send data 1 or 0) data
regedit - go to regedit mode..the use help there
socks [port] - start socks5 proxy
httpd port path - start http server
sniff - start sniffer
idle - show user idle hours
getbanner
find what where - finds files and folders

XSystem

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.