Event ID - 13079

Port No: 13079
Service Name: KRYPGHOS.13
RFC Doc: 0
Protocol: TCP
Description: This backdoor malware is version 1.3 of the Remote Access Tool (RAT) known as Kryptonic Ghost. It has a server component, which infects target machines, and a client component, which controls the server.

Apart from compromising network security, this backdoor malware can be used to steal and delete files from compromised machines.
Reference Link: KRYPGHOS.13
Attack Solutions:

This procedure applies to systems running Windows NT/2000/XP. For systems running Windows 9x and ME, proceed with the next procedure (Removing the Autostart Entry from the Registry).
Press CTRL+SHIFT+ESC, then select the Processes tab.
In the list of running programs, locate the programs:
RDM712.EXE
MSERD1.EXE
MSGP.EXE

One at a time, select each program, then press the End Process button.
To verify that the malware processes have been terminated, close Task Manager, then open it again.
Close Task Manager.
