Snow 4.1
Released 20 years, 1 month ago. October 2004
Copyright © MegaSecurity
By ?
Informations
| From | China |
| Author | ? |
| Family | Snow |
| Category | Remote Access |
| Version | Snow 4.1 |
| Released Date | Oct 2004, 20 years, 1 month ago. |
| Language | Delphi |
Additional Information
Server:
dropped files:
c:\WINNT\system32\iplog.dll size: 660.480 bytes (Backdoor.Win32.Snowdoor.37)
c:\WINNT\system32\ipsnow.exe size: 331.843 bytes (Backdoor.Snowdoor.35)
c:\WINNT\system32\Tsnow.dll size: 660.480 bytes (Backdoor.Win32.Snowdoor.37)
port: 5328 TCP
added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ipsnow"
data: C:\WINNT\system32\ipsnow.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WinOlaApp "Disable"
tested on Windows 2000If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.