TCP 10100

ProtocolTCP

Port10100

Labels

Synopsis

Doly Trojan (Windows RAT/backdoor) commonly listened on TCP port 10100 by default, enabling attackers to remotely control infected machines (file transfer, keylogging, screen capture, etc.).
Traffic to or from TCP 10100—especially unsolicited listeners—has historically been used as an indicator of Doly infection.

Observed activity

Last 30 days Detailed chart

More information

SANS Internet Storm Center: Port 10100