Archive A Reconstructed © MegaSecurity Database
X RAT (e)
Released 21 years, 5 months ago. November 2004
Copyright © MegaSecurity
By XSystem
Informations
| From | Russia |
| Author | XSystem |
| Family | X RAT |
| Category | Remote Access |
| Version | X RAT (e) |
| Released Date | Nov 2004, 21 years, 5 months ago. |
Additional Information
dropped file:
c:\WINDOWS\system32\Rat.exe
size: 43,182 bytes
port: 20888 TCP
added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_X-RAT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X-Rat
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_X-RAT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\X-Rat
tested on Windows XP
January 05, 2005
Author Information / Description
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Backdoor is written for education purposes only!
Author doesn't take any responsibilities for using "X-Rat".
if you dont agree with this message, please remove this backdoor right now!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1. Configuration
Use "X-Rat -setup" enter config mode, you can set:
* 1.Set listen port
2.Set access password
3.Set edit server password
4.Set login banner
5.Set service name
6.Set service display name
7.Set EXE filename
* 8.Set Direct reverse onnection
* 9.Set HTTP path for reverse connection
10.View config information
11.Help
0.Complete
ps: the option with "*" blackball each other, only 1 will active.
2. Starting
X-Rat -once - run without installation
X-Rat -install - install and run
X-Rat.exe - default install and run
X-Rat -remove / -debug / -update NOT WORKING RIGHT NOW....
X-Rat -connect ip [port] - connect to host.. if not using X-Rat as client then you will not be able to use File transfeer
X-Rat -listen [port] - listen on port, wait for reverse connection
use help command when connected to get list of commands
addon:
not included but working commands is
ftpserver/ftpd directory port | eg: ftpd c: 81
httpproxy port | eg: httpproxy 3333
redir localport remote_ip remote_port | eg redir 333 microsoft.com 80
lsvc [DRIVERS]
ADDED!
klog [file] - keylogger
ddos IP port delay times maxsockets (use random port 1 or 0) (send data 1 or 0) data
regedit - go to regedit mode..the use help there
socks [port] - start socks5 proxy
httpd port path - start http server
sniff - start sniffer
idle - show user idle hours
getbanner
find what where - finds files and folders
XSystemThis archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.