| Port No | 23456 |
| Service Name | EvilFTP |
| RFC Doc | 0 |
| Protocol | UDP |
| Description | Backdoor Vagr nocker 1.2 is a Trojan that opens up a backdoor program that, once installed on a system, permits unauthorized users to remotely perform a variety of operations, such as changing the registry, executing commands, starting services, listing files, and uploading or downloading files. Vagr Nocker typically runs from the server file "C:\WINDOWS\Winahlp.exe" over port 6969 via TCP. |
| Reference Link | More Information |
| Attack | Name:Vagr Nocker 1.2 The remote host appears to be infected with the Backdoor.VagrNocker trojan. This trojan allows remote access to your system via port 12884 and 21554. How To Remove: 1. Kill the following processes edtsrv.exe, server 3.exe, server.exe, vagr3.exe, vagrnocker.exe, vagrnocker-client12.exe, vagrnocker-server12.exe 2. Remove the following files edtsrv.exe, read me.txt, server 3.exe, server.exe, vagr3.exe, vagrnocker-client12.exe, vagrnocker-server12.exe, vagrnocker.exe. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.