| Port No | 31320 |
| Service Name | LW |
| RFC Doc | 0 |
| Protocol | UDP |
| Description | This Trojan attempts to download and execute a file from a remote IP address via FTP.
However, as of this writing, it fails to download the file from the said IP address because it cannot login. THis is because it uses incorrect user name and password. After execution, this Trojan creates and executes a batch file that deletes this Trojan and itself. |
| Reference Link | LW |
| Attack | Solution: Important Windows ME/XP Cleaning Instructions Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems. Users running other Windows versions can proceed with the succeeding procedure set(s). |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.