Event ID - 1314

Port No1314
Service NameDAODAN
RFC Doc0
ProtocolTCP
DescriptionThis backdoor program connects to target machines through varying ports. Once connected, it awaits for commands or actions from the remote malicious user. It has both server and client component, which is why it can act as a server or as a client on affected machines.
Reference LinkDAODAN
AttackDetails:

This backdoor program connects to target machines through the following ports:
3333
1314
1111
5555
Once connected, it awaits for commands or actions from the remote malicious user.
It has server and client component. The server component is dropped in the following paths:
C:\Windows\RUNDLL16.EXE
C:\Windows\WIN32DLL.EXE

Solution:
Systems infected with this malware can be cleaned by simply scanning for and deleting files detected as BKDR_DAODAN.A.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.