DG RAT 7.1

DG RAT 2008 (7.1)
(Trojan-Dropper.Win32.Agent.xud for Client)
(Backdoor.Win32.Poison.dwo for Server)
(Backdoor.Win32.Delf.jil for Server.dll)

by DG

Written in Delphi

Released in June 2008

Made in China

more versions





Server
Dropped File:
c:\WINDOWS\system32\d3dx.dll
Size: 28,672 bytes 

Added to Registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS\Parameters "ServiceDll"
Old data: C:\WINDOWS\System32\qmgr.dll 
New data: C:\WINDOWS\system32\d3dx.dll 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters "ServiceDll"
Old data: C:\WINDOWS\System32\qmgr.dll 
New data: C:\WINDOWS\system32\d3dx.dll 




Tested on Windows XP
August 11, 2008

MegaSecurity