Doly 1.1
Released 25 years, 5 months ago. April 1999
Copyright © MegaSecurity
By A-D-M
Informations
| Author | A-D-M |
| Family | Doly Trojan |
| Category | Remote Access |
| Version | Doly 1.1 |
| Released Date | Apr 1999, 25 years, 5 months ago. |
| Language | Visual Basic |
Additional Information
Server:
dropped files:
c:\msdos.win Size: 0 bytes
c:\sys.lon Size: 169,472 bytes
c:\Memory manger\data.dll size: 169.472 bytes
c:\Memory manger\data.z size: 17.408 bytes
c:\Memory manger\mem.chk size: 607.744 bytes
c:\Memory manger\mem.dll size: 24.576 bytes
c:\Memory manger\memmange.exe size: 27.648 bytes
c:\Memory manger\su.chk size: 1.417 bytes
c:\Program Files\MStesk.exe size: 169.472 bytes
c:\WINNT\dos.win size: 24.576 bytes
c:\WINNT\winstart.bat size: 70 bytes
c:\WINNT\system\serv-u.ini size: 1.417 bytes
c:\WINNT\system\tesk.exe size: 169.472 bytes
c:\WINNT\system\windll16.sys size: 607.744 bytes
port: 1011 TCP
added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ms tesk"
data: c:\Program Files\MStesk.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"
data: c:\windows\system\tesk.exe
tested on Windows 2000
November 12, 2004If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.