The RAT connects using standard TCP/IP protocol, as long as the server file is loaded on the target victim computer. Once this file has been loaded once, the operator of the client end of the tool can then modify the registry to cause this file to be started everytime Windows starts, ensuring the hacker will always have access to the infected system.
Once access has been established, the hacker has almost complete control over his target. Every file on the system can be renamed, moved, deleted, frozen, changed, replaced, anything you can imagine. WAV files can be played, or played on loop, to annoy the hell out of the receiving end. Video and still images can be captured to have a log of the computer's visual activity.
In addition to this, the tool allows the hacker to share additional drives over the network, such as floppy or CD drives, allowing the hacker to write files to floppies or open/close the CD-ROM drive.
A more serious tool in the hacker's possession is the ability to log all keystrokes on the infected machine, allowing him to acquire passwords from the system. In addition, it can also acquire cached passwords, such as Windows Logon passwords, making the system incredibly vulnerable to attack and vandalism.
Finally, if the hacker is persistent enough, he can prevent the user from removing the tool from a variety of ways, short of disabling the network. Shutting down, locking, and restarting the computer are all options to stop the victim from removing the trojan, unless the network connection is broken.
Watch the VIDEO
Credits to - The original makers of this video
