Event ID - 1026

Port No: 1026
Service Name: nterm
RFC Doc: 0
Protocol: UDP
Description: nterm. 'remote_login network_terminal'

nTerm is a command-based toolbar application that allows you to easily control and launch all of your applications, URLs, documents and directories. It can be used as a universal internet bookmark holder, a toolbar, or a developer's tool (automatically open a prompt window to that obfuscated directory and remember it for later).

nTerm takes up a small amount of desktop real estate, unlike icons or icon-based toolbars, and can hide itself when not in use. It fully supports drag and drop for creation of launchable "macros". Just drag a URL, folder or application to it and be able to call it up quickly with a few keystrokes.

nTerm is rich with features, and I'm sure you'll find it an indispensable part of your desktop in no time.
Attack Name: BDDT

A Trojan horse is a malicious program hidden in normally useful and harmless software. Trojan horse programs cannot replicate themselves, whereas viruses and worms can replicate themselves. A backdoor is a method that attackers use to gain unauthorized access to a system. A Remote Administration Tool (RAT) is a kind of Trojan that enables remote attackers to gain full control over an infected machine.

A RAT typically uses the client/server communication model. The attack is conducted through a client program running on the attacker's machine, and a server program running on the target machine that opens a backdoor to receive commands from the client.

BDDT is a RAT written in the Delphi language by an author with the nickname godmch. Once installed, BDDT modifies the registry to ensure that it is executed whenever Windows starts. By default, BDDT monitors Transmission Control Protocol (TCP) port 31887. The BDDT server opens a backdoor and enables remote attackers to perform malicious actions, including executing programs, obtaining user information, and flooding the system to conduct a Denial of Service (DoS) attack.

Backdoor BDDT is a Trojan backdoor program that, once installed on a system, permits unauthorized users to remotely perform a variety of operations, such as changing the registry, executing commands, starting services, listing files, and uploading or downloading files. The BDDT client operates over ports 32000 and 1025. The server runs from the files "C:\WINDOWS\SYSTEM\JOJO.EXE" and "C:\WINDOWS\SYSTEM\MSRUN.EXE" over ports 1026, 10887, and 10889. Both use TCP.
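The following triage sketch is an added example, not part of the original page: it scans `netstat -ano` output for TCP listeners on the BDDT server ports listed above and raises confidence only when the owning process image matches one of the listed server files. The netstat sample, the PID-to-image map and the names `triage`, `SAMPLE_NETSTAT` and `SAMPLE_IMAGES` are constructed for illustration.

```python
import re

# Ports and file paths below are the ones the page lists for BDDT.
BDDT_SERVER_PORTS = {1026, 10887, 10889, 31887}
BDDT_SERVER_FILES = {r"c:\windows\system\jojo.exe",
                     r"c:\windows\system\msrun.exe"}

# Constructed `netstat -ano` sample (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address      Foreign Address    State        PID
  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING    884
  TCP    0.0.0.0:1026       0.0.0.0:0          LISTENING    1312
  TCP    0.0.0.0:10887      0.0.0.0:0          LISTENING    2044
  TCP    10.0.0.20:49712    203.0.113.5:443    ESTABLISHED  3120
  UDP    0.0.0.0:1026       *:*                             1500
"""
# Constructed PID -> image path map, e.g. gathered from a process listing.
SAMPLE_IMAGES = {
    884: r"C:\Windows\System32\svchost.exe",
    1312: r"C:\Windows\System32\services.exe",
    2044: r"C:\WINDOWS\SYSTEM\MSRUN.EXE",
    1500: r"C:\Tools\nterm.exe",
}

ROW = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")

def triage(netstat_text, images):
    """Return (port, pid, level) for TCP listeners on BDDT server ports."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or unparsable row
        proto, _addr, port, state, pid = m.groups()
        port, pid = int(port), int(pid)
        # The page says BDDT uses TCP; UDP 1026 is the nterm registration.
        if proto != "TCP" or state != "LISTENING":
            continue
        if port not in BDDT_SERVER_PORTS:
            continue
        # A port match alone is weak evidence; the image path raises confidence.
        image = images.get(pid, "").lower()
        level = "high" if image in BDDT_SERVER_FILES else "review"
        findings.append((port, pid, level))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_NETSTAT, SAMPLE_IMAGES):
        print(finding)
```
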
