DRAT 2009 V2.6

DRAT 2009 V2.6
(Backdoor.Win32.Hupigon.fpkj)
(Trojan-GameThief.Win32.OnLineGames.udpz for Server.dat)
(Trojan-GameThief.Win32.OnLineGames.udqm for System64.dll)
(Not detected by KAV on January 26, 2009 for extracted Server)

by New4[D.S.T]

more versions




Server
Dropped Files:
c:\WINDOWS\system32\System64.dat    Size: 69 bytes 
c:\WINDOWS\system32\System64.dll    Size: 296,448 bytes 


Added to Registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DRATSer "ImagePath"
Data: %SystemRoot%\system32\svchost.exe -k netservice 
	
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DRATSer\Parameters "ServiceDll"
Data: C:\WINDOWS\system32\\System64.dll 
	
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DRATSer "ImagePath"
Data: %SystemRoot%\system32\svchost.exe -k netservice 
	
	

Tested on Windows XP
January 12, 2009

MegaSecurity