| Name: | Glacier |
| Aliases: | Backdoor.G_Door.b, c, d, e, The Glacier, Backdoor, Gluoshi, Backdoor.Darksun, Darksun, Binghe, Backdoor.Binghe, Glace, Trojan.Binghe, Trojan.Darksun, Backdoor.FR, |
| Ports: | 1826, 2001, 6526, 7626, 7718 (port can be changed) |
| Files: | Glacier_2.2.zip - 974,017 bytes Glacier_3.0.zip - 716,114 bytes Glacier_6.0.zip - Glacier9.11_se.zip - Darksun.zip - Binhe.zip - 973,293 bytes G_server.zip - 258,954 bytes G_server.zip - 266,379 bytes Ба? |
| Created: | Nov 2000 |
| Requires: | |
| Actions: | Remote Access / Keylogger / Steals passwords |
| Registers: | HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\Run |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\RunServices\ | |
| HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\ open\command | |
| HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\ run\command | |
| HKEY_LOCAL_MACHINE\Software\Classes\txtfile\Shell\open\command | |
| HKEY_LOCAL_MACHINE\Software\Classes\*\Shell\open\command | |
| HKEY_CLASSES_ROOT\exefile\shell\run\command | |
| HKEY_CLASSES_ROOT\txtfile\shell\open\command | |
| HKEY_CLASSES_ROOT\*\Shell\open\command | |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | |
| HKEY_LOCAL_MACHINE\Config\0001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | |
| Notes: | Works on Windows 95, 98, ME, NT and 2000. |
| Country: | written in China |
| Program: |