|
|
PsychWard RAT Information
| Name: |
PsychWard |
| Category: |
RAT |
| Advice: |
Remove |
| Risk: |
Elevated Risk
Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge. |
| Description:
|
|
| Signatures:
|
process: 08881b.exe: MD5 Hash: a73a61d64ad02fd56e9...
process: pwclient.exe: MD5 Hash: 00d13deff1324c89f07...
process: pwclient.exe: MD5 Hash: 013ab95e2de00e8257c...
process: pwclient.exe: MD5 Hash: c94b2f32fe267340f2d...
process: pwclient.exe: MD5 Hash: 122090d959777aacbf9...
process: pwmodify.exe: MD5 Hash: 24d2c2953e0d0757551...
process: pwmodify.exe: MD5 Hash: ecf14a7f0ee1d1e735f...
process: pwmodify.exe: MD5 Hash: f8003ae3a9bc99e9bfb...
process: pwserver.exe: MD5 Hash: 55dc0e67b6a76b6c379...
process: pwserver.exe: MD5 Hash: a81741e1919dd87a1e1...
process: pwserver.exe: MD5 Hash: 977a3acff7cddc68efb...
process: pwclient.exe: MD5 Hash: 5c0c5864c6c9616b049...
process: pwmodify.exe: MD5 Hash: 5f1616fe5b2d751b72b...
process: pwserver.exe: MD5 Hash: 121c34220076907f639...
process: win98nuke.exe: MD5 Hash: 28f7bb10b74328e6712...
process: pwclient.exe: MD5 Hash: 105d16b0a154888502c...
process: pwmodify.exe: MD5 Hash: c93e0c064075d5800ae...
process: pwserver.exe: MD5 Hash: b9a42ca1e65cf0a7feb...
process: edit.exe: MD5 Hash: cfc89ca07bd0ad7b939...
process: pwclient.exe: MD5 Hash: ea0936c8124e512e863...
process: pwmodify.exe: MD5 Hash: 92a54cf5ba949d4e3ed...
process: pwserver.exe: MD5 Hash: 5fe19342f8f62de8dc0...
process: pwserver.exe: MD5 Hash: b12ff6b8b025e7fb0a1...
process: modify.exe: MD5 Hash: 1ae8319ca5621aa8a03...
process: server.exe: MD5 Hash: e324d74b5dcdd449730...
process: client.exe: MD5 Hash: cd695a3709a28618230...
process: modify.exe: MD5 Hash: 467b958596f48cd4ffc...
process: server.exe: MD5 Hash: 98f1caf085b2cc10cce...
process: t3 ftp dump site info.exe: MD5 Hash: 25c6c1cbd43e872886e...
process: xxxxxx.exe: MD5 Hash: 3c21d1c923468bab166.. |
| Type: |
RAT - A Remote Administration Tool (RAT) is a Trojan type of software that when run, provides an attacker with the capability of remotely controlling a user's computer (victim) over the Internet. The attacker usually has full access to functions on the victim's computer. The victim's computer usually listens on the Internet for the attacker's commands. |
Top RAT Visited Pages:
SubSeven - Alias: BackDoor-G22, BackDoor-Sub7 - 292 visits
NetBus v.1.70 - 207 visits
The Prayer - Alias: BackDoor-DI, Backdoor.Prayer.15 - 75 visits
Cyrex msn trojan - Alias: BackDoor-AOB, Backdoor.VB.dm, Backdoor.VB.dm, Cyrex msn trojan, W32/Delf.B - 69 visits
Global Killer - Alias: Backdoor.GlobalKiller 1.0, Global Killer 1.0 - 54 visits
Systray BackDoor - 52 visits
AutoSpY - Alias: Backdoor.AutoSpy - 47 visits
Secret Agent - Alias: Backdoor.Antinuke.10, Secret Agent 1.0 - 46 visits
Undetected - Alias: Backdoor.tds.4f, Backdoor.tds.se.23, Backdoor.tds.se.23a, Backdoor.tds.se.30, Backdoor.TDS.SE.31, Ba - 41 visits
Netbus - Alias: Backdoor.Netbus - 41 visits
Random RAT Pages:
Gaban Bus - Alias: Gip
Gibbon - Alias: Backdoor.Gibbon.a, Backdoor.Gibbon.b
BLA
Skull DeBurrower - Alias: BackDoor-ARU.gen, Backdoor.Skubur.b
JustJoke - Alias: Backdoor.Delf.by, Backdoor.JustJoke.12, Backdoor.JustJoke.12.b, Backdoor.JustJoke.21, Backdoor.JustJ
The Prayer - Alias: BackDoor-DI, Backdoor.Prayer.15
Specrem - Alias: Backdoor.Specrem.50
Zenmaster - Alias: Backdoor.Zenmaster.102
NetEyes - Alias: Backdoor.NetBull.10, NetEyes 1.0
Under7
|
|
