.: B-|R.A.T|-T :.
By BrosTeam
::actions
Additional Details
- Coded by: BrosTeam
- Version: B-|R.A.T|-T
- Coded in: Visual Basic
- Family: B-|R.A.T|-T
- Category: Remote Access
MegaSecurity Notes
Server: dropped files: c:\TEMP12345678.exe Size: 1,105,920 bytes %local dir%\dsfiles.dll Size: 8,244 bytes c:\WINDOWS\sdssdgjeg012.exe Size: 1,105,920 bytes port: 4123 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "NortonLiveUpdate2o" data: C:\windows\sdssdgjeg012.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "afkasjhfa3254f" data: C:\TEMP12345678.exe tested on Windows XP June 06, 2005
Author Words
CLIENT: B-[R.A.T]-T.exe SERVER: WMUpdate.exe --------------------------------- Infection: Simple Suggested to use with 00003.exe and/or IRC-Zombie 00003 will disable any AVs/Firewalls IRC-Zombie will notify u when the user is online. Use MBinder to bind them together. Ports: 4123 4124 4125 4126 4127 Scan for 4123 to find such users. Password: In Setup Menu u can set/remove pass. If server its password protected, it 'll require pass to allow u to connect to it. If there is no pass set yet, server 'll allow u to connect. To reset /remove a pass, just leave the password field empty and press "Set". Menus: Most labels on main screen controls menus. ex. "Setup" , "Fun", "Advance", "Misc" "Screen" and "Capture" have sub-menus. Options: FUN: 1.0) Chat 2.0) Draw 3.0) MsgBox 4.0) Screen: 4.1) Animations 4.2) ScrSaver ADV: 1.0) Capture 1.1) Desktop 1.2) WebCam 2.0) FManager 3.0) Registry 4.0) Keylogger Misc: 1.0) Mouse 2.0) Keyboard 3.0) Hide/Show 4.0) Extras Advance remote tracing Server Setup NOTE: "Capture Desktop": Allows u to view and control remote PC. The speed depends on both PCs. "Capture WebCam": If a webcam its unplugged or not installed u may get any wrong image or to get error. "Animations": Matrix maybe kill connection with server. BrosTeam
URL's and mails were automatically redacted (filtered) for reader's safety. However the filter is not perfect and can't find all harmful elements. If you find something dangerous including file link, website, mail address, profanity... contact me immediately at sub7crew@protonmail.com, thank you in advance.