| Port No | 1097 |
| Service Name | Remote Administration Tool |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Works on Windows 95, 98, ME and Unix [Linux and FreeBSD]. RAT server 1.1 has IRC support added. Send.tgz is Unix client. ˆ Source code is available. |
| Reference Link | Remote Administration Tool Trojan |
| Attack | It autoloads the Registry: HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ RunServices\ and some 38 other entries !!! It does the following : 1. Remote Access 2. AOL trojan Can register under 40 different HKEYs. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.