| Port No | 1010 |
| Service Name | Doly Trojan |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Doly Trojan 1.35, unlike the previous 1.1 version, comes with a 2.31 megabyte setup.exe file to infect your computer. The setup file installs a newer version of Memory manager then Doly 1.1, however, like Doly 1.1 the setup file also installs a trojan. Like version 1.1, Doly Trojan 1.35 has a format hard drive feature. It can also upload files and then run them, thus allowing other trojan infections. Doly 1.35 adds a IRC or (DolyIRC as the programmers cleverly (?) call it), which lets servers advertise infected server information to a pre defined IRC channel. The IRC notify feature allows anyone with a doly client to sit in the IRC channel and wait for servers to broadcast their information and then connect to the infected computer. |
| Reference Link | Doly Trojan Trojan |
| Attack | It autoloads the Registry: Startup group It does the following : Change computer name Change owner name Change resolution to 640/480 Change the title color on open windows to a random color Change volume to maximum or minimum Close all windows Close server Disable double click Disconnect server from internet Display fatal error plus customizable message Display FBI screen Get ICQ UIN Get passwords Get user info Hide/show mouse Hide/show task bar IRC notify Key logger on/off Move mouse Open/close cd-rom Open FTP server Remove windows background Run program (visible to user or hidden) Send to URL Set all window names to another name Set systems color Sleep Show/stop error screen Shutdown windows Swap/unswap mouse buttons (Left button becomes right) View running applications |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.