Event ID - 2311

Port No: 2311
Service Name: Studio 54
RFC Doc: 0
Protocol: TCP
Description: Studio 54 1.0 is a small Visual Basic trojan. There is nothing out of the ordinary with this trojan.
Reference Link: Studio 54
Attack: It autoloads: Registry: HKEY_USERS\.Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices Key: Windows Kernel

Features:

Chat with server
Clear/get/set clipboard
Control mouse
Get cached passwords
Get information
Hang up internet connection
Hide/show task bar
Hide/show tray clock
Hide/show tray icons
Hide/show start button
Hide/show system keys
Key logger
Log off, reboot or shut down Windows
Open/close CD-ROM
Print
Run file
Send message

Fix:
Remove the Windows Kernel key in the registry located at HKEY_USERS\.Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices. This can be done with regedit or any other registry editing program.
Reboot the computer or close WinKernel32.exe.
Delete the trojan file WinKernel32.exe in the Windows directory.
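
Before removing anything, the indicators above can be checked read-only. The following PowerShell script is an added example, not part of the original entry; it looks for the Windows Kernel autorun value in the three listed keys, the file WinKernel32.exe in the Windows directory, and a listener on TCP port 2311. It assumes a Windows version that ships the Get-NetTCPConnection cmdlet and an elevated prompt.

```powershell
# Added example: read-only check for the Studio 54 indicators listed in this entry.
$valueName = 'Windows Kernel'     # autorun value name given in the entry
$fileName  = 'WinKernel32.exe'    # trojan file name given in the entry
$port      = 2311                 # TCP port given in the entry

$runKeys = @(
    'Registry::HKEY_USERS\.Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices'
)
$findings = @()

foreach ($key in $runKeys) {
    # A key that does not exist on this system is skipped, not reported.
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
    if ($props -and ($props.PSObject.Properties.Name -contains $valueName)) {
        $findings += [pscustomobject]@{
            Type = 'AutorunValue'; Where = $key; Detail = $props.$valueName
        }
    }
}

# The entry places the file in the Windows directory.
$filePath = Join-Path $env:windir $fileName
if (Test-Path -LiteralPath $filePath) {
    $item = Get-Item -LiteralPath $filePath -Force
    $findings += [pscustomobject]@{
        Type = 'File'; Where = $filePath
        Detail = "{0} bytes, modified {1:u}" -f $item.Length, $item.LastWriteTimeUtc
    }
}

# A listener on the port is only a hint: other software may use 2311 too.
$listeners = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    $findings += [pscustomobject]@{
        Type = 'Listener'; Where = "$($l.LocalAddress):$port"
        Detail = "PID $($l.OwningProcess) $($proc.ProcessName)"
    }
}

if ($findings.Count -eq 0) {
    Write-Output 'No Studio 54 indicators from this entry were found.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```

The autorun value and the file together are the stronger signal; the port match alone should be confirmed against the owning process before acting on it.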
