Latest News

Learn how to hack a PC or remote system using Trojan & Backdoor: Download LOST DOOR RAT all versions here for free

Lost Door is a backdoor trojan horse family of more than 10 variants which can infect Windows operating systems from 95 to XP. It was created by OussamiO and built using Visual Basic. It uses the typical server, server builder, and client backdoor program configuration to allow a remote user, who uses client, to execute arbitrary code on the compromised machine (which runs the server whose behavior can be controlled by the server editor). The server component (75,053 bytes) when running, connects to a predefined IP address on TCP port 2185, awaiting commands from the remote user who uses the client component can execute arbitrary code at will on the compromised machine.
Features

Lost Door allows many malicious actions on the victim's machine. Some of its abilities include:
  • Reverse connection
  • Webcam shot
  • Date and time manager
  • printer
  • Control panel
  • PC control
  • Executor
  • Dos command
  • Windows manager
  • Screen shot
  • Remote server manager
  • Server remover
  • Ip Grabber
  • Server Downloader
  • Icon Changer
  • Audio Streaming
  • Encrypt Settings
  • Volume Control
  • Connection Logs
  • Installed Application
  • Infect All USB
  • Multilanguage
  • Services Viewer
  • Remote passwords
  • MSN Controller
  • Remote Shell
  • Chat with server
  • Send fake messages
  • files manager
  • Find files
  • Change remote screen resolution
  • Information about remote computer
  • Clipboard manager
  • Internet Explorer options
  • Running Process
  • Online key-logger
  • Offline keylogger
  • Fun Menu

Infection Method

Lost Door has a server creator with features that allow it to be undetected by antivirus and firewall software, and also allow it to stealthily run in the background. The software only runs completely (including rootkit) in Windows XP/2000. Such features include disabling security software, removing and disabling system restore points, and displaying a fake error message to mislead the victim.


This version is now detectable by ESET NOD32 Antivirus. For other AV's, I have not checked.

Server
Dropped Files:
c:\WINDOWS\system32\dlllhost.exe
Size: 129,808 bytes

Added to Registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Winupdate"
Data: C:\WINDOWS\system32\dlllhost.exe

REFERENCES
  • http://www.checkpoint.com/defense/advisories/public/2009/cpai-30-Mar.html
  • http://www.megasecurity.org/trojans/l/lostdoor/Lostdoor_all.html
  • http://www.techmantras.com/content/lost-door-32-rat
Too lazy to say Thanks or comment here? Why not too lazy to read my post?? If you like this post and want us to post similar articles, Pls give us a feedback and leave a comment here.

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code