Event ID - 23023

Port No: 23023
Service Name: Logged
RFC Doc: 0
Protocol: TCP
Description: Logger 1.0 is a key logging trojan with a few extra features. When we tested it, it did not seem to infect properly: it never seemed to move itself from its original location. It also appears to search the whole computer and write to wininit.ini to remove Virus Scan (we think). If it does not find Virus Scan, then it is just doing something very slowly. Perhaps once it finishes this it will move the file.
Reference Link: Logged Trojan
Attack: It does the following:
Chat
Enable/Disable Ctrl-Alt-Del
Get current drive and directory
Key logger
Remove server

Removal:
1. Remove the Hadvlafuhf key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, the Hgtpzlbubj key at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, and the Hfagfaktkp key at HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run. This can be done with regedit or any other registry editing program.
2. Reboot the computer or close logged .exe.
3. Delete any logged .exe files on the computer.
