Snow 3.9
Released 20 years, 6 months ago. May 2004
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | Snow |
| Category | Remote Access |
| Version | Snow 3.9 |
| Released Date | May 2004, 20 years, 6 months ago. |
| Language | Delphi |
Additional Information
Server:
port: 5328 TCP
dropped files:
c:\WINNT\system32\iplog.dll size: 658.944 bytes
c:\WINNT\system32\ipsnow.exe size: 331.840 bytes
c:\WINNT\system32\Tsnow.dll size: 658.944 bytes
startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ipsnow"
data: C:\WINNT\system32\ipsnow.exe
registry added:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WinOlaApp "Disable"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan\C$
tested on win2000If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.