FreeRat 1.0

FreeRat 1.0
(Trojan-GameThief.Win32.Magania.bfjv)
(Trojan.Win32.Agent.bnyc)
(Trojan-Dropper.Win32.Agent.aggr)

by ?

Released in January 2009

Made in China


Server
Dropped Files:
c:\WINDOWS\system32\FreeRat.dll Size: 126,976 bytes 
c:\WINDOWS\system32\FreeRat.ini Size: 40 bytes 


Added to Registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\abcd "ImagePath" 
Data: %SystemRoot%\System32\svchost.exe -k netsvcs 

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\abcd\Parameters "ServiceDll" 
Data: C:\WINDOWS\system32\FreeRat.dll 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\abcd "ImagePath" 
Data: %SystemRoot%\System32\svchost.exe -k netsvcs 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\abcd\Parameters "ServiceDll" 
Data: C:\WINDOWS\system32\FreeRat.dll 


Tested on Windows XP
March 24, 2009

MegaSecurity