from the doc: '-The client
program: DaCryptic.exe -The
backdoor: simple_verc.exe ''-Source code of
the simple backdoor ''
simple_ver.dpr ''-Source code of the worm
version '' worm_ver.dpr This backdoor/worm
has been coded in the period of the PrettyPark
worm so it's an old project forgotten in a drawer.
This worm has never been spread because there are
many little bugs and it's really dirty
coded. -The keylogger function doesn't work
under NT, an external dll must be build. -The
trick with the exefilecommandopen in the
registry seems to not run all programs. Little
description: The worm function scan Outlook and
Eudora address book file and after send email. I
don't know know if that work with the last
versions. There is a thread which connect to an
irc for see who is online. The port 1174 is
open only when the victim is online and the
Wsock32 api call are encrypted and the protocol of
the backdoor too. The keylogger was design
mainly for detect if a 13,16 digit code is tape on
the keyboard and after put a flag in the registry
(it's surely the big need of money who push me to
put this function inside :-). The other
function are: registry access, file
upload/download, windows process,
etc.. Cryptic_'
Alias:
Backdoor.DaCryptic
Backdoor.DaCryptic
[Kaspersky]
Backdoor/Dacrypt!Server [Computer
Associates]
Backdoor/DaCryptic [Computer
Associates]
BackDoor-OB [McAfee]
Bck/DaCryptic
[Panda]
security risk or a "backdoor" program
[F-Prot]
Win32/DaCryptic trojan [Eset]
