HKTL_SNAILFLOOD.A
Windows
Threat Type: Hacking Tool
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
Arrival Details
This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Installation
This hacking tool drops and executes the following files:
- %Program Files%\SYN.exe
- %Program Files%\Udp.exe
- %Program Files%\taskmgr.exe
- %Program Files%\NPS.exe
(Note: %Program Files% is the Program Files folder, where it usually is C:\Program Files on all Windows operating system versions; C:\Program Files (x86) for 32-bit applications running on Windows 64-bit operating systems.)
NOTES:
When users click on Syn Flood, it generates the file %Program Files%\SYN.exe, which is used for its flooding technique.
When users click on Udp Flood, it generates the file %Program Files%\Udp.exe, which is used for its flooding technique.