Glacier 8.0 Beta1
Released 23 years, 1 month ago. December 2001
Copyright © MegaSecurity
By Y2KZERO
Informations
| From | China |
| Author | Y2KZERO |
| Family | Glacier |
| Category | Remote Access |
| Version | Glacier 8.0 Beta1 |
| Released Date | Dec 2001, 23 years, 1 month ago. |
Additional Information
Client:
port: 7718 TCP
Server:
dropped file:
c:\WINNT\system32\Winoldap.exe
size: 190.080 bytes
port: 7626 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "(Default)"
data: C:\WINNT\system32\Winoldap.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "(Default)"
data: C:\WINNT\system32\Winoldap.exe
HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"
old data: %SystemRoot%\system32\NOTEPAD.EXE %1
new data: C:\WINNT\system32\Winoldap.exe %1
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodial"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodisconnect"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodisconnect"
HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings "EnableAutodisconnect"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodial"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodisconnect"
tested on Windows 2000If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.