Author Topic: how did this happen?  (Read 1204 times)

0 Members and 1 Guest are viewing this topic.

Offline Skyler8

  • Newbie
  • *
  • Posts: 3
how did this happen?
« on: March 25, 2019, 08:46:46 PM »
OK so i work on malware analyses in my free time when I'm doing something but for the last few days i been making a F.U.D. R.A.T. (Fully UnDetectable Remote Access Trojan) good so far however i have not distributed the R.A.T. but for the last few days i been getting a notification from the rat saying that JOHN has connected Who's john so i did a IP Geo-location search and traced it back to avast i still unaware how this happened. I'm using LIMERAT ]BTW it's open sourced found on GitHub (https://github.com/NYAN-x-CAT/Lime-RAT).
Picture below

« Last Edit: March 25, 2019, 09:34:59 PM by Skyler8 »

Offline Skyler8

  • Newbie
  • *
  • Posts: 3
Re: how did this happen?
« Reply #1 on: March 25, 2019, 08:55:47 PM »
picture should now be posted

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: how did this happen?
« Reply #2 on: March 25, 2019, 09:27:21 PM »
It is preferable to attach images to the topic. 
And the post remains with your topic.

Some don't like going off site to unknown urls.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Skyler8

  • Newbie
  • *
  • Posts: 3
Re: how did this happen?
« Reply #3 on: March 25, 2019, 09:37:52 PM »
ok fixed it should be attached

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: how did this happen?
« Reply #4 on: March 26, 2019, 12:34:36 AM »
Whilst not an Avast Team member.

I would suggest that it may well be being scanned by one of the avast shields.  Should that come across something new, not experienced by avast, so hash could well be being checked against avasts database.

Although not detected I just wonder if it could well be checked for analysis, though I don't know this for certain.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security