Glacier


Name: Glacier
Aliases: Backdoor.G_Door.b, c, d, e, The Glacier, Backdoor, Gluoshi, Backdoor.Darksun, Darksun, Binghe, Backdoor.Binghe, Glace, Trojan.Binghe, Trojan.Darksun, Backdoor.FR,
Ports: 1826, 2001, 6526, 7626, 7718 (port can be changed)
Files: Glacier_2.2.zip - 974,017 bytes Glacier_3.0.zip - 716,114 bytes Glacier_6.0.zip - Glacier9.11_se.zip - Darksun.zip - Binhe.zip - 973,293 bytes G_server.zip - 258,954 bytes G_server.zip - 266,379 bytes Ба?
Created: Nov 2000
Requires:
Actions: Remote Access / Keylogger / Steals passwords
Registers: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\RunServices\
HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\ open\command
HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\ run\command
HKEY_LOCAL_MACHINE\Software\Classes\txtfile\Shell\open\command
HKEY_LOCAL_MACHINE\Software\Classes\*\Shell\open\command
HKEY_CLASSES_ROOT\exefile\shell\run\command
HKEY_CLASSES_ROOT\txtfile\shell\open\command
HKEY_CLASSES_ROOT\*\Shell\open\command
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Config\0001\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Notes: Works on Windows 95, 98, ME, NT and 2000.
Country: written in China
Program:

© Copyright von Braun Consultants. This information may include technical inaccuracies or typographical errors. If you have any questions or further information about the actual trojan above, please contact Joakim von Braun at <joakim.von.braun@risab.se>