FANDOM


Trojan.Win32.Agent2.dmdi or Agent2.dmdi is a trojan on Microsoft Windows from the Agent2 family that is designed to steal User's Authentication data.

Payload

After launching, the malicious library checks the name of the process. By loading "duospeak.exe" process in the address space, it then allows the user to enter their authentication data to the "YYMainWnd", that will send such data to the following IP addresses.

124.***.56.12
121.***.13.22

Sources

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.