Back Orifice 2000


Name: Back Orifice 2000
Aliases: BackOrifice2K.Inst,
Ports: 8787, 54320, 54321 (UDP) (ports can be changed)
Files: Bo2k.zip - 1,786,264 bytes Bo2k_dist_1_intl.zip - 479,120 bytes Bo2k_dist_1.0_us.zip - 490,714 bytes Bo2k_dist_1.0_us.zip - 1,299,966 bytes Bo2kdist1.0us.zip - 65,536 bytes Bo3des.zip - 21,030 bytes Bo2ksdk.zip - 28,670 bytes Bo2k_1_0_full.exe - Bo2k_1_0_intl.exe - 1,304,617 bytes Umg32.exe - Umgr32.exe - 114,688 bytes Umgr32~1.exe - Server.exe - Bo2k.exe - 139,264 bytes Bo2kcfg.exe - 221,184 bytes Bo2kgui.exe - 581,632 bytes Bo3des.dll - 24,576 bytes Bo_peep.dll - 53,248 bytes - 65,535 bytes
Created: July 1999
Requires: -----
Actions: Remote Access
Registers: HKEY_LOCAL_USERS\Software\Microsoft\Windows\CurrentVersion\RunServices\
Notes: Works on Windows 95, 98 and NT. XOR, TripleDES, AES and five other encryption algorithms. Open plug-in architecture. ? Open source code (GNU) is available. When it first was published it came in one domestic version and one internation, because of the strong encryption the domestic version used.
Country: written in the US
Program: Written in Visual C++.

© Copyright von Braun Consultants. This information may include technical inaccuracies or typographical errors. If you have any questions or further information about the actual trojan above, please contact Joakim von Braun at <joakim.von.braun@risab.se>