Overview |
Vendor Notes: |
From the doc: 'DSK - Lite v1 is coded in visual basic 6.0 using winsock API Removing the need forthe depancy & the bulky size of Microsofts crappy Mswinsck.ocx control.it is build 2 be used as a small uploading trojan but it has some nice features for the small size of the server it kills 412 firewalls & deletes them from start up all the server settings use its own unique encryption & the sin notify give it the ability to bypass lan victims. it comes with a server builder where you can set all the reqiured settings within the server and then compile your own customized verson with 3 types of output 1. an unpacked server (Bigger in filesize) Size: 104 kb 2. a server compressed using fsg (i found to be the smallest compesion) Size: 39 kb 3. compressed with UPX another good exe compressor also make a nice small server Size: 40 kb --==Features==-- ( Main ) File Manager - Get Drives Upload Download Execute Refresh Dir Delete File Play Wav Rename File Get File Size Make Dir Displays Current Path Process Manager - Retrieve Processes - Kill Process - Retrive A/v Filewall Kill List - Add Exe to Kill List - Set Killing Time (1 - 60 Seconds) Windows Control - Close Windows - Maximize - Minimize - Hide - Show - Send Keys Infomation - General Infomation Save List Webdownloader - Download & Execute File's From the net File Search - Find any kind of file in ant Dir - Download found files - Delete File - Get File Size - Rename File - Remove Items - Clear List Server - Retrieve Server Info - Close Server - Save Details - Reboot Pc Cd Keys - Steal Victims Cd keys - Save Stolen Keys Webcam Capture - Start/Stop Capturing Cam - Save Images - Select Jpg Compresion Screen Capture - Start/Stop Capture - Save Images - Select Jpg Compresion Chat - Open/Close Chat - Set vics Nick - Set Your Nick - Save Chat - Send Chat - Determine If victim is typing or not Registry - Read Values - Set Values - Delete Values Message Boxes - Send Fake Message Boxes - Infomation type - Exclamation Type - Critical Type - Question Type - Set Tile - Set Body - Test & Send Messages Transfer Management - Unlimited que'ing system for upload/dload - reset Uploads/downloads (sometimes the dloads will pause if file isnt found) - Remove a transfer - Remove All Transfers - Toggle Transfers up/down que - Displays Transfer Status - Displays Current Transfer - Displays Remaing in que - Displays Kb of Kb Complete - Displays % Comlete - Displays Speed SIN Console - Start Listening on Selected Port - Reverse Connect to Servers - Remove Servers - Copy ip's - save ip's SIN Settings - Enable/Disable Msn Style Popups - Enable/Disable Sounds - Msn Style Sound - Yahoo Style Sound - Icq Style Sound - Aim Style Sound - Test Sounds About - Show Details On Dsk - Lite v1 - View The Disclaimer Server Builder - Select Server Port's (main & Transfer) - Set Server Password - Set Victim Name - Kill A/v & Firewalls (over 150) - Melt Server - Registry Run Start-up - Registry Run Services Start up - Active X Start up - Set Server Name - Set Registry Name - Set Fake Error Body/Title/Format - Webdownloader (Dload & Execute A file on install) - SIN Notify Ip/Port - Icq Notify - CGI Notify - PHP Notify - Build Server with UPX - Build Server with Fsg - Build Server Unpacked' |
Alias: |
Backdoor Program [Panda], Backdoor.DskLite.a [Kaspersky], Backdoor.DskLite.b [Kaspersky], Backdoor/Dsklite [Computer Associates], Backdoor/DskLite.10.A!Server [Computer Associates], Bck/Ciadoor.L [Panda], Bck/Dsklite.A [Panda], Win32.DSKlite.10.A [Computer Associates] |
Category: |
Key Logger: (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).
Backdoor: A secret or undocumented means of getting into a computer system, or software that uses such a means to penetrate a system. Some software has a backdoor placed by the programmer to allow them to gain access to troubleshoot or change the program. Software that is classified as a "backdoor" is designed to exploit a vulnerability in a system, and open it to future access by an attacker. |
Similar Pests: |
Key Logger · Backdoor |
Origins |
Author: |
Alchemist & r3l4x |
URL: |
http://darksideofkalez.com |
Date of Origin: |
November, 2003 |
Operation |
Storage Required: |
DSK Lite 1.0: at least 1821 KB |
Risks |
Detection Issues: |
Difficult to detect by design. May hide from process list. May install with variable names in variable locations. |
Detection and Removal |
Automatic Removal: |
 PestPatrol detects this.
PestPatrol removes this.
|
Manual Removal: |
Follow these steps to remove DSK Lite 1.0 from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake. |
|
Stop Running Processes:
Kill these running processes with Task Manager:
|
|
Remove Files:
Remove these files (if present) with Windows Explorer:
|
Research |
File Analyses: |
|
More Info: |
AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo! |
Research By: |
PestPatrol's Pest Research Center |
Last Revised: |
February 28, 2005 |