Event ID - 50505

Port No50505
Service NameSockets des Troie
RFC Doc0
ProtocolTCP
DescriptionWorks on Windows 95 and 98, together with ICQ. Features as telnet and finger.
Reference LinkSockets des Troie
Attack

Registers:
HCU\Software\Microsoft\Windows\CurrentVersion\Run\ HCR\DirectSocketsDrv\ HCU\Software\Microsoft\Windows\CurrentVersion\RunLoad\

Files:
Sdt2.3.zip - 855,872 bytes Sockets23.zip - 849,499 bytes Sockets23.exe - 1,082,880 bytes Genvirus.exe - 779,797 bytes Mschv32.exe - Mgadeskdll.exe - 339,456 bytes Rsrcload.exe - 339,456 bytes Csmctrl32.exe - 339,456 bytes DrvCtrl95.exe - 322,560 bytes Lcv_sys.exe - Discv.dll - Tcv.exe - Dcv.exe - Winstart.bat -

Actions:
Remote Access / ICQ trojan
Sockets des Troie is French for Trojan Sockets and was one of the very first Remote Access trojans being published.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.