HTTP RAT 0.2 (i)
(Backdoor.Win32.Zombam.i)

by zombie

Writtenin C

Released in June 2003

more versions


[HTTP_RAT 0.2]_______________________________________________

coded in C.
works on win9x/2000/xp

[What is it]_________________________________________________

HTTP_RAT is a "web-server" that allows you to browse victim's
computer with any browser on any OS(!). It sends victim's ip 
adress to your email adress, so u have just to open 
http://his_ip[:port] in your browser.

[How to use]__________________________________________________

Run httprat.exe, fill in your email addresss & smtp server(s)
and click [Create]. It will make a file called httpserver.exe.
Send that file to victim.
When victim opens it u'll get mail with instructions.

[Features]____________________________________________________

server size: 29kb
view/kill processes
browse/download files
close firewalls b4 running
hmm.. that's all 4 now ;]

these will be added in next version:

file uploading/executing/deleting
encryption
screen capture
registry editing(maybe)
better hiding/startup methods
automatically find smtp server

zombie


Server:
c:\WINDOWS\Cookies\ck412.exe 

size: 29.904 bytes 

port: 80 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ntmgr" 

MegaSecurity