A RAT question

Discussion in 'Application Software' started by Satoshi19, Jan 24, 2018.

  1. Satoshi19

    Satoshi19 MDL Member

    Jun 15, 2017
    150
    10
    10
    #1 Satoshi19, Jan 24, 2018
    Last edited: Jan 24, 2018
    Hi, suppose a PC is infected with (unknown or Darkcomet) RAT by crooked X, then afterwards Cunning Z comes unknowing that it's already infected by X, infects/or at least tries to infect it. So now what would happen? Would X RAT prevents further infection? Or Both RAT's have access to device? Or would X lose his access since Z overthrew X, infected with his own RAT on top? Or if both coexist Would both X & Z able to see conflicting each other's RAT presence, see each other RAT's vicious activities (or even further trying to fight to remove each other from device) ? Or even see address of each other's C&C server?
     
  2. pisthai

    pisthai Imperfect Human

    Jul 29, 2009
    6,814
    1,997
    210
    It would all depend how your machine is secured on one hand and on the other hand, what kind of apps are used by the RAT's. Many (countless) scenarios are possible!

    Important for to avoid such, is the security stage of both, your computer and your internet connection via Modem/Router.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. rockyanexpert

    rockyanexpert MDL Junior Member

    Mar 6, 2010
    79
    55
    0
    It's not at all easier to predict or hypothise these ratings around:)
     
  4. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,620
    3,912
    120
    That would depend on which port was being used by either RAT for remote com, and whether either RAT was competing to be in the boot sector.
    As far as the boot sector goes, it's last one in is the winner.

    And then it depends on how the RAT code was written with regards to persistence, and what it does to remain in the boot sector.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...