Port No | 11085 |
Service Name | Syphillis |
RFC Doc | 0 |
Protocol | TCP |
Description | Syphillis 1.18 is an alpha version that was leaked to the public. This trojan has new features such as a packet sniffer or the ability to send UDP messages. |
Reference Link | Syphillis |
Attack | Autoload: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run; Key: Win32 Shell. Features: Add contact; Batch file; CD player controls; Change ICQ state to online, away, n/a, occupied, dnd, invisible and offline; Change mouse cursor; Chat with server; Download FTP or HTTP file; Execute file; File manager; Find files; Find infected servers; Get cached passwords; Get CPU info; Get general info; Get ICQ info; Get network info; Key logger; Monitor on/off; Mouse cursor trail on/off; Open/close CD-ROM; Packet sniffer; Record audio; Registry editor; Screen capture; Send keys; Set audio volume; Set internet start page; Show/hide desktop icons; Show/hide start button; Show/hide task bar; Telnet server; UDP listen/send; View connections; View Internet history; View processes; View running applications; View shares; View webcam. Fix: Remove the Win32 shell key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, which can be done with regedit or any other registry editing program. Reboot the computer or close Shell32.exe. Delete the trojan file Shell32.exe in the Windows system directory. Shell32.log in the Windows system directory keeps a log of who logged on from other computers and at what time. |