| Port No | 911 |
| Service Name | Dark Shadow |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Works on Windows. Password = UHA. Compatible with the Back Orifice server. |
| Reference Link | Dark Shadow Trojan |
| Attack | It autoloads the Registry: HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices \ File : Darkshadow.zip - 87,119 bytes Darkshadow.trojan.exe - 180,321 bytes Winfunctions.exe - It does the following : Remote Access The trojan is encrypted. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.