| Port No | 1095 |
| Service Name | Backdoor.RAT |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This backdoor program allows a remote user access to an infected computer. It has a server component that it installs on an infected computer and a client component that it uses to control and access an infected computer. It compromises network security |
| Reference Link | BKDR_RAT |
| Attack | Solutions: Once the server component is executed, it stays resident in memory. Thereafter, a remote user running this client component can logon and gain access to the computer infected with the server component. This client component is capable of doing the following to an infected system: View/Terminate list of processes running Run a program View/Remove/Add registry entries View Network drives Reboot the system Change the port and password of the server Log keystrokes and applications Copy/View/Move/Delete/Find files |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.