D0ped
Released 22 years ago. September 2002
Copyright © MegaSecurity
By Zeromatic
Informations
| Author | Zeromatic |
| Family | D0ped |
| Category | Remote Access |
| Version | D0ped |
| Released Date | Sep 2002, 22 years ago. |
| Language | Visual Basic |
Additional Information
Server:
size: 184.320 bytes
port: 1661 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Rundll32"
Author Information / Description
d0ped Trojan is a client/server thing, running under any Windows9x or XP.
The zip-file containing this textfile, also includes a setup file.
Install the packets, then walk through the Start/Program menu. You'll find
a new menue called "Telhack Inc", whereunder you'll find the Client app.
The server application is simply named "d0ped.exe" as default.
As far as i know, CTRL-ALT-DEL (which - ofcourse - your'e able to disable:)
list will display the EXE-name of the file as a running process.
You might see this "trojan" as a later version of the "Rths"-trojan?
Well HECK it's not! This one is not to be controlled by any
terminal session, it has its own client application. The d0ped Trojan
also contain a lots of (new) amusing functions, for example:
* Snoop on users Internet Explorer navigation
* Edit filesystem
* Process and hardware status
* Constant change-of-system-wide-parameters status
* Hide mousecursor
* Very nice black textscreen function
* A silly "Please Enter passwords:" function
* Automatic search for Internet login/password
* Desktop management
* "Use 'Em": use the server to initiate a third session.
(Use the target as a secound terminal).
* Or initiate a hidden pingflood against.. anything.
* Desktop Management
* Port- and Password Settings
* A cute "incomming data"-textbox
- Default port is: 1661
- There is no password set as default.
ZeromaticIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.