Port No | 50551 |
Service Name | R0xr4t |
RFC Doc | 0 |
Protocol | TCP |
Description | R0xR4t is a Brazilian backdoor Trojan affecting Microsoft Windows operating systems. The backdoor server, server.exe, opens either TCP port 5050 or 60552 on the victim machine by default. It also modifies the Windows registry to ensure that it gets run at system start up. A remote attacker can use the R0xR4t client, R0xR4t.exe, to gain unauthorized access to the victim system. The attacker can use the client to upload/download files, execute files, and manipulate the file system, among other things. |
Reference Link | More INformation |
Attack | Name:R0xr4t R0xr4t Removal Instructions 1. Kill the following processes editserver.exe, r0xr4t.exe, server.exe 2. Remove the following files editserver.exe, icons.icl, leiame.txt, r0xr4t.exe, server.exe. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.