.: B-|R.A.T|-T :.

By BrosTeam

Additional Details

  • Coded by: BrosTeam
  • Version: B-|R.A.T|-T
  • Coded in: Visual Basic
  • Family: B-|R.A.T|-T
  • Category: Remote Access

MegaSecurity Notes

Server:
dropped files:
c:\TEMP12345678.exe            Size: 1,105,920 bytes 
%local dir%\dsfiles.dll        Size: 8,244 bytes 
c:\WINDOWS\sdssdgjeg012.exe    Size: 1,105,920 bytes 

port: 4123 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "NortonLiveUpdate2o"
data: C:\windows\sdssdgjeg012.exe 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "afkasjhfa3254f"
data: C:\TEMP12345678.exe 



tested on Windows XP
June 06, 2005

Author Words

CLIENT: B-[R.A.T]-T.exe
SERVER: WMUpdate.exe



---------------------------------

Infection: 
           Simple
           Suggested to use with 00003.exe and/or IRC-Zombie
              00003 will disable any AVs/Firewalls
              IRC-Zombie will notify u when the user is online. 
           Use MBinder to bind them together.

Ports: 
       4123
       4124
       4125
       4126
       4127

Scan for 4123 to find such users.

Password: 
          In Setup Menu u can set/remove pass.
          If server its password protected, it 'll 
          require pass to allow u to connect to it.
          If there is no pass set yet, server 'll
          allow u to connect.
          To reset /remove a pass, just leave the 
          password field empty and press "Set".

Menus: 
       Most labels on main screen controls menus.
       ex. "Setup" , "Fun", "Advance", "Misc"
       
       "Screen" and "Capture" have sub-menus.
  
Options:
         FUN: 
              1.0) Chat
              2.0) Draw
              3.0) MsgBox
              4.0) Screen:
                     4.1) Animations
                     4.2) ScrSaver
         ADV:
              1.0) Capture
                     1.1) Desktop
                     1.2) WebCam
              2.0) FManager
              3.0) Registry
              4.0) Keylogger
         Misc: 
              1.0) Mouse
              2.0) Keyboard
              3.0) Hide/Show
              4.0) Extras

Advance remote tracing
Server Setup

NOTE: "Capture Desktop": Allows u to view and control remote PC.
                         The speed depends on both PCs.
      "Capture WebCam": If a webcam its unplugged or not installed
                        u may get any wrong image or to get error.
      "Animations": Matrix maybe kill connection with server.
	  

BrosTeam

URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.