Port No | 777 |
Service Name | Undetected |
RFC Doc | 0 |
Protocol | TCP |
Description | Works on Windows 95, 98 and ME. |
Reference Link | |
Attack | It autoloads through the Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
HKEY_LOCAL_MACHINE\Software\Classes\exefile\shell\open\command

Files:
Undetected1.1.zip - 390,607 bytes
Undetected2.2.zip - 415,753 bytes
Undetected2.3a.zip - 41,243 bytes
Undetected2.3SE.zip - 290,125 bytes
Undetected3.0b.zip - 228,617 bytes
Undetected3.1.zip -
Undetected3.2.zip -
Undetected3.3.zip -
Undetected_xmas.zip -
Undetected_botcreator.zip -
Udt31p.zip - 288,847 bytes
Udt31s.zip - 18,687 bytes
Server.exe - 17,920 bytes
Editserver.exe - 158,208 bytes
Umuerte.exe - 188,416 bytes
Udt3b.exe - 192,152 bytes
Udt31.exe - 208,896 bytes
Udt4fuk.exe - 211,968 bytes
Udtse.exe - 237,056 bytes
Regcheck.exe - 19,968 bytes
Cap.dll - 10,752 bytes
Fun.dll - 12,288 bytes
Fun.dll - 13,312 bytes
Fun.dll - 20,480 bytes
General.dll -
Irchole.dll - 11,766 bytes
Ucompress.dll - 15,360 bytes
Ebios.vxd -
Winloader.exe - 20,480 bytes
Winload32.exe - 21,097 bytes
Rnaap.exe - 20,480 bytes
Compressor.exe - 14,336 bytes
Winrun.exe -
Msrexe.exe -
Binder.mdl - 12,800 bytes
Install.mdl - 12,800 bytes
Rar_sfx.mdl - 12,800 bytes
Plugex.dpr - 470 bytes
Commands.cfg - 302 bytes
Commands.cfg - 1,383 bytes
Commands.cfg - 1,412 bytes
Commands.cfg - 1,492 bytes

It does the following:
1. Remote Access
2. Steals passwords
3. EXE Binder

May alter Win.ini and/or System.ini. Based on SubSeven. Some of the files are packed with UPX 1.01. It comes with several different skins and supports plug-ins, so features may change. With Undetected, the hacker is able to write and execute different types of scripts, such as .bat and .vbs files, on the infected machine. |