| Port No | 44 |
| Service Name | Artic |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Artic 0.6 beta is a trojan in early development. Many of the features are not finished. Like many trojans this one uses the GirlFriend trojan source code. |
| Reference Link | Artic Trojan |
| Attack | It autoloads the Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: Rundll16.exe It does the following : Chat with server Display bitmap Exit windows File manager Freeze windows Get info Get passwords Get screen shot Key logger on/off Monitor on/off Open browser Open/close CD-Rom PC speaker Play sound Send message Show/hide task bar Talk to server (using microphone) Removal : 1.Remove the Rundll16.exe key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Which can be done with regedit or any other registry editing program. 2. Reboot the computer or close Rundll16.exe. 3. Delete the trojan file Rundll16.exe in the windows directory. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.