Event ID - 31785

Port No31785
Service NameHack_a_Tack
RFC Doc0
ProtocolTCP
DescriptionThis is another remote administration tool for Windows 95/98. Its usual name is "Hack(single quote here)a(single quote here)Tack.exe" which is executed to control the computer which has "Server.exe" running on it.
Reference LinkHack_a_Tack Trojan
AttackInformation :
FTP- This client part will be notified of whoever have the server part of the program installed on their machines, because the server part is able to download the current IP of the infected machine and send messages to its client partner. Scan- The client program can sweep a range of subnets with great efficiency in a given interval.The client portion steals information about the infected system such as the current user, country, time, the OS and CPU type. It can even log the passwords and typed keys of the current user. Messages will be sent to the victim and before it is sent, it is pre-viewed.
Like NetBus, this backdoor program controls the computer system. It opens/closes the CD-ROM drive, shows/hides the taskbar, disables keys on the keyboard, swaps mouse keys and freezes the cursor at will. Worse of all, it can shut down, reboot or log off the system remotely.As a powerful program, BKDR_EXPLORE32.C can manipulate the machine by killing, hiding, showing or renaming a process. It also can download/upload files from the machine and makes screen shots out of the victimized system.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.