Doly 1.2

Released 25 years, 6 months ago. May 1999

Copyright © MegaSecurity

By A-D-M


Doly 1.2
Informations
Author A-D-M
Family Doly Trojan
Category Remote Access
Version Doly 1.2
Released Date May 1999, 25 years, 6 months ago.
Language Visual Basic
Additional Information
Server:
dropped files:
c:\msdos.win    Size: 0 bytes 
c:\sys.lon                        size: 267,264 bytes 
c:\win.dos                        size: 0 bytes 
c:\Memory manger2\data.dll        size: 267.264 bytes 
c:\Memory manger2\data.z          size: 17.408 bytes 
c:\Memory manger2\mem.dll         size: 24.064 bytes 
c:\Memory manger2\Memmanage.exe   size: 17.408 bytes 
c:\Memory manger2\Mmgi.soc        size: 138.752 bytes 
c:\Memory manger2\Msys.z          size: 11.776 bytes 
c:\Memory manger2\Data\mem.z      size: 607,744 bytes 
c:\Memory manger2\Data\su.z       size: 1.417 bytes 
c:\Program Files\MStesk.exe       size: 267.264 bytes 
c:\WINNT\Wings32.reg              size: 267.264 bytes 
c:\WINNT\winstart.bat             size: 91 bytes 
c:\WINNT\system\serv-u.ini        size: 1.417 bytes 
c:\WINNT\system\tesk.exe          size: 267.264 bytes 
c:\WINNT\system\windll16.sys      size: 607.744 bytes 

port: 1011 TCP

added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ms tesk"
data: c:\Program Files\MStesk.exe 

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"
data: c:\windows\system\tesk.exe 

tested on Windows 2000
November 12, 2004

Author Information / Description
|--Feature list and info
|
|1 Connect: Connect to the victim's computer (You can connect to him only if he had installed the server)
| 
|2 Disconnect: Disconnect from the victim's computer
|
|3 Port Scanner: Use this tool to scan IP Adresses to see if they are infected with Doly Trojan
|
|4 Close client server: Close the Doly Trojan server (The server will be active again when the victim will restart his computer)
|
|5 Remove client server: Remove the Doly Trojan server from the victim's computer (You wont be able to connect to him if he wont run the setup again)
|
|6 Disable the double mouse's double click: Disable the victim's mouse's double click (He wont be able to open anything with his by his mouse)
|
|7 Remove desktop backround: Remove the backround image from the victim's Desktop
|
|8 Set system colors: Change the victim's system colors to Black
|
|9 Hide teskbar: Hide the victim's taskbar (He wont see his open applications)
|
|10 Show teskbar: Bring back the victim's taskbar
|
|11 FBI Screen: This will show on the victim's screen a cool image that he wont be able to remove untill he will make reset
|
|12 Mouse swape: Swape the victim's mouse left click to right click and the right click to the left click (Very annoying)
|
|13 Mouse unswape: Bring back the victim's mouse clicks to the original condition
|
|14 Disconnect: Disconnect the victim's computer from the Internet
|
|15 Move mouse to max point: Move the victim's mouse pointer to the buttom right side of the screen
|
|16 Change the tittle color to a random color: Change all the open applications titles to a different color every time you click on the button
|
|17 Sleep: Make the victim's computer go to "sleep" mode (Works only on Pentium 2 computers)
|
|18 Change the resolution to 640/480: Change the victim's screen resolution to 640/480
|
|19 Appz running: View all the applications and tesks that are running in the victim's computer
|
|20 Open ftp: Turn the victim's computer into a FTP site with FULL access to all of his files (After you press on this button open your ftp program, insert your victim's IP address, put port number 1012 and password: dont remember :) and you are ready to connect to his computer)
|
|21 Close ftp: Turn off the FULL access FTP site on the victim's computer (You will be able to connect to his computer by FTP if you'll press the Open FTP button again)
|
|22 Open CD: Open the victim's CD-ROM drive
|
|23 Close CD: Close the victim's CD-ROM drive
|
|24 Max-volume: Set the victim's volume level to maximum
| 
|25 Min-volume: Set the victim's volume level to minimum
|
|26 Show error screen: This will gradually fill the victim's screen with little error messages (If you wont stop it it will fill all of his screen)
|
|27 Stop error screen: Stop filling the victim's screen with the error messages (Will delete all the messages that had already been on his screen) 
|
|28 Close windows: Close the victim's windows and restart his computer
|
|29 Format: Format the victim's Hard Drive (This will format drive c:)
|
|30 Password: Discover the victim's ISP UserName, Password and Dial Up Number (This will work only if the victim use the "Save Password" option)
|
|31 Run program: Run any program from the victim's computer (You should type the full directory of the program)
|
|32 Run program: The same command as Run program but this will run the program hiden (The victim wont see the program is running)
|
|33 Fatal error with msg: Make a fatal error with a msg from you in the victim's windows (Will also close his windows)
|
|34 Sets all windows names: Change all the titles of the running applications to whatever you want
|
|35 Sets the computer name: Change the victim's computer name to whatever you want
| 
|36 Send to URL: Send your victim to any URL you type in the text browse (If his browser isnt open it will open it automatically)
|
|37 Change owner name: Change the victim's Windows owner and organization name to whatever you want

A-D-M

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.