Home Malware Programs Remote Administration Tools Freddy K

Freddy K

Posted: March 28, 2006

This is a RAT tool, used by hackers to gain remote control ower someone's PC. The attacker infects his victim via the e-mail or the File and Print Sharing computer with a "server" application. Once inside the computer, the virus opens a default port and awaits commands from the intruder. He can connect using a "client" application on his own PC. The functions of a RAT may vary, depending on the needs of the intruder. This RAT was created using Delphi applicationming language. The author is a German hacker called Norinco. Variants apeared from October 2000 to August 2003.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 [system
    2 anleitung.txt
    3 freddy.hlp
    4 freddyk.exe
    5 freddyk3.exe
    6 freddykkillerr.exe
    7 micronet.dll
    8 micronet.exe
    9 roh.2
    10 server.txt
    11 serversetup.doc
    12 serversetup.txt
    13 winapi.exe
    14 wintool.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionunwinapi.exeHKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionunwintool.exe

Related Posts

Loading...