| Port No | 1314 |
| Service Name | DAODAN |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This backdoor program connects to target machines through varying ports. Once connected, it awaits for commands or actions from the remote malicious user. It has both server and client component, which is why it can act as a server or as a client on affected machines. |
| Reference Link | DAODAN |
| Attack | Details: This backdoor program connects to target machines through the following ports: 3333 1314 1111 5555 Once connected, it awaits for commands or actions from the remote malicious user. It has server and client component. The server component is dropped in the following paths: C:\Windows\RUNDLL16.EXE C:\Windows\WIN32DLL.EXE Solution: Systems infected with this malware can be cleaned by simply scanning for and deleting files detected as BKDR_DAODAN.A. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.