Deep Throat


Name: Deep Throat
Aliases: Win32.DeepThroat, DTV2, DTV3, BackDoor.J, Backdoor.DeepThroat, W95/Backdoor.Tray,
Ports: 41, 999, 2149, 2140 (UDP), 3150, 3150 (UDP), 6670, 6771, 60000
Files: Dtv1.zip - 518,427 bytes Dtv2.zip - 713,805 bytes V2client.zip - 410,145 bytes Dtv2.1.zip - 299,996 bytes V3server.zip - 259,875 bytes V3client.zip - 519,032 bytes V31server.zip - 277,217 bytes V31client.zip - 707,056 bytes V31liteclient.zip - 594,953 bytes DT3.1liteclient.zip - 596,397 bytes DT3.1securer.zip - 277,639 bytes Remotecontrol.exe - 271,959 bytes Remotecontrol.exe - 414,644 bytes Remotecontrol.exe - 414,657 bytes Remotecontrol.exe - 505,344 bytes Server.exe - 533,013 bytes Dtv3 client.exe - 483,840 bytes Dtv3.1 client.exe - 622,800 bytes Dtv31-lite-client.exe - 606,720 bytes Dtv31-lite-client.ini - 1,690 bytes Client.sys - 26,112 bytes Confstub.sys - 26,112 bytes Confstub.dll - 26,112 bytes Confstub2.dll - 27,648 bytes Binder.dll - 26,112 bytes Systempatch.exe - 260,971 bytes Systempatch.exe - 266,752 bytes Systempatch.exe - 269,971 bytes Systempatch.exe - 284,160 bytes Systempatch.exe - 307,398 bytes Systempatch.exe - 312,180 bytes Systempatch.exe - 491,000 bytes System32.exe - Systemio.exe - Systray.exe - Pddt.dat - Acdt.dat - Deep throat mib.exe - 310,690 bytes
Created: Oct 1998
Requires:
Actions: Remote Access / FTP server / Steals passwords
Registers: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\General\Settings
Notes: Works on Windows 95, 98 and NT. There is a Global Master Password backdoor in all the servers: v 2.0 - whothefuckdoyouthinkiamgoddamnit2v 2.1 - whothefuckdoyouthinkiamgoddamnit1v 3.* - whothefuckdoyouthinkiamgoddamnit3
Country:
Program: Written in Delphi 4.

© Copyright von Braun Consultants. This information may include technical inaccuracies or typographical errors. If you have any questions or further information about the actual trojan above, please contact Joakim von Braun at <joakim.von.braun@risab.se>