Doly 1.5
Released 25 years, 5 months ago. July 1999
Copyright © MegaSecurity
By A-D-M
Informations
| Author | A-D-M |
| Family | Doly Trojan |
| Category | Remote Access |
| Version | Doly 1.5 |
| Released Date | Jul 1999, 25 years, 5 months ago. |
| Language | Visual Basic |
Additional Information
server:
dropped files:
c:\msdos.win
Date: 4/15/2004 3:01 PM
Size: 0 bytes
c:\sys.lon
Date: 7/14/1999 3:07 AM
Size: 232,960 bytes
c:\win.dos
Date: 11/12/2004 4:58 PM
Size: 0 bytes
c:\Program Files\Mdm.exe size: 232.960 bytes
c:\Program Files\Memory manger26\data.dll size: 232.960 bytes
c:\Program Files\Memory manger26\data.z size: 17.408 bytes
c:\Program Files\Memory manger26\mem.dll size: 24.064 bytes
c:\Program Files\Memory manger26\Memmanage.exe size: 17.408 bytes
c:\Program Files\Memory manger26\Msys.z size: 8.704 bytes
c:\Program Files\Memory manger26\Data\Datar.reg size: 406.016 bytes
c:\Program Files\Memory manger26\Data\mem.z size: 611.840 bytes
c:\Program Files\Memory manger26\Data\su.z size: 1.413 bytes
c:\WINNT\Wings32.reg size: 232.960 bytes
c:\WINNT\winstart.bat size: 86 bytes
c:\WINNT\system\GDIres.reg size: 406.016 bytes
c:\WINNT\system\Gdiserv.drv size: 611.840 bytes
c:\WINNT\system\Gdisrv.reg size: 1.413 bytes
c:\WINNT\system\Kernal32.exe size: 232.960 bytes
c:\WINNT\system\Wings32.drv size: 232.960 bytes
port: 1015 TCP
startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ms tesk"
data: c:\Program Files\Mdm.exe
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\Ava "Path"
data: C:\WINNT\system\Kernal32.exe
c:\Documents and Settings\%user%\Start Menu\Programs\Memory manger Folder\Memmanage.exeIf you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.