Event ID - 4201

Port No: 4201
Service Name: War Trojan
RFC Doc: 0
Protocol: TCP
Description: War Trojan 1.0 is an old trojan. It has a few normal features; however, because it is old and does not have many features, it is probably not used anymore.
Reference Link: War Trojan
Attack:
Autoloads: Registry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: Kernel32

Features:
Caps lock on/off
Delete/start various files (explorer, regedit, etc)
Disable/enable CTRL-ALT-DEL
Hide/show mouse cursor
Hide/show taskbar
Key logger on/off
Num lock on/off
Monitor on/off
Open/close CD-ROM
Send message
Send to URL
Swap mouse buttons

Fix:
Remember the file in the Kernel32 key in the registry located at HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, and then remove the Kernel32 key. This can be done with regedit or any other registry editing program.
Reboot the computer or close the trojan from the registry.
Delete the trojan from the registry
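
The checks above as a PowerShell script, added here as an example and not part of the original entry: it records the file named by the Kernel32 autoload entry before anything is removed, and also looks for a listener on TCP 4201. It assumes the entry is stored as a value named Kernel32 under the Run key; the -Remove switch is this example's own.

```powershell
# Added example: triage for the War Trojan indicators listed on this page.
# Assumption: "Kernel32" is a value under the Run key (the page calls it a key).
param([switch]$Remove)   # -Remove is this example's own switch, off by default

$runKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'Kernel32'
$port      = 4201

$report = [ordered]@{ RunValue = $null; File = $null; Sha256 = $null; Listeners = @() }

# Step 1 of the fix: note which file the autoload entry points at.
$run = Get-ItemProperty -Path $runKey -Name $valueName -ErrorAction SilentlyContinue
if ($run) {
    $report.RunValue = $run.$valueName
    # Run data may be quoted and carry arguments; recover the executable path.
    $data = [Environment]::ExpandEnvironmentVariables($run.$valueName).Trim()
    if ($data -match '^"([^"]+)"') { $candidates = @($Matches[1]) }
    else { $candidates = @($data, ($data -split '\s+')[0]) }
    $file = $candidates |
        Where-Object { Test-Path -LiteralPath $_ -PathType Leaf } |
        Select-Object -First 1
    if ($file) {
        # Hash the file so it can be identified after it is deleted.
        $report.File   = $file
        $report.Sha256 = (Get-FileHash -LiteralPath $file -Algorithm SHA256).Hash
    }
}

# A process listening on TCP 4201 is worth inspecting alongside the Run entry.
$conns = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue
$report.Listeners = @(foreach ($c in $conns) {
    $p = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
    '{0} (PID {1}) {2}' -f $p.ProcessName, $c.OwningProcess, $p.Path
})

[pscustomobject]$report | Format-List

# Remove the autoload entry only after the file path has been recorded above.
if ($Remove -and $run) {
    Remove-ItemProperty -Path $runKey -Name $valueName
    Write-Output "Removed '$valueName' from $runKey. Recorded file: $($report.File)"
}
```

Run it without arguments first to review the report; the Run key is per-user, so it has to be run in the affected user's session.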
