How to detect a RAT

Discussion in 'other anti-malware software' started by lunarlander, Jan 14, 2017.

  1. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Hi,

    How does one detect a RAT ? SysInternal's Autoruns may reveal it if one knows one's run key contents. How else can one detect a RAT ? Netstat may reveal it if it is not protected by a rootkit.
     
    Last edited: Jan 14, 2017
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    With tools like HIPS, firewalls and system monitors? Most trojans/RATS will try to inject code, make outbound connections, and try to get access to files.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,591
    Location:
    U.S.A.
    RATs are delivered usually via a multi-stage attack; often times with user assistance through phishing and the like. RATs often install a rootkit as part of their attack making their detection extremely difficult. On x64 OSes, kernel patch protection protects against kernel mode rootkits.
     
  4. lunarlander

    lunarlander Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    326
    Hi Rasheed187,

    What system monitors are you thinking of?
     
  5. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    "Hi Rasheed187,

    What system monitors are you thinking of?"


    I think he was referring to using ones nose? :argh: the old saying, I smell a rat.

    or maybe Gmer
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  7. guest

    guest Guest

    with a piece of cheese? :argh:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.