Snow 1.3
Released 21 years, 6 months ago. March 2003
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | Snow |
| Category | Remote Access |
| Version | Snow 1.3 |
| Released Date | Mar 2003, 21 years, 6 months ago. |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINDOWS\sk.exe
c:\WINDOWS\SYSTEM\plog.exe
c:\WINDOWS\SYSTEM\swon4.exe
size: 242.193 bytes
port: 5328 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Snow"
c:\windows\win.ini, [windows] "run"
added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WinOlaApp "Disable"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Network\LanMan\C$ "Flags"If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.