Archive A Reconstructed © MegaSecurity Database
SnowDoor 2.3
Released 20 years, 8 months ago. August 2005
Copyright © MegaSecurity
By Jack Lane
Informations
| Author | Jack Lane |
| Family | SnowDoor |
| Category | Remote Access |
| Version | SnowDoor 2.3 |
| Released Date | Aug 2005, 20 years, 8 months ago. |
| Language | Visual Basic, compressed with UPX |
Additional Information
Server:
dropped files:
c:\boot.sys Size: 49,719 bytes
c:\Program Files\configs.txt.pif Size: 49,719 bytes
c:\WINDOWS\ctfmon32.bak Size: 49,719 bytes
c:\WINDOWS\system32\boot.exe Size: 49,719 bytes
c:\WINDOWS\system32\combot.com Size: 49,719 bytes
c:\WINDOWS\system32\TFTP0401 Size: 49,719 bytes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows SSH boot"
data: C:\WINDOWS\system32\boot.exe e m 3 2 \
tested on Windows XP
August 07, 2005
Author Information / Description
1. Commands for Snowdoor V2.3
Type one of these commands into the box and press send.
crash
beep
block
unblock
warn
black
normal
notepad
fatal
cdopen
cdclose
flash
website1
website2
website3
hermine
execute
del
critical
quest
mousejumpon
mousejumpoff
bscreen
(If you type a command, that is not in the list, at the server appears a Message-Box, with the text you�ve entered.)
N E W : I�ve putted a Control Panel in! Now you mustn�t type all into a textbox! You can siply click on a button!
-------------------------------------------------------------------------------------------------
2. Command explainings:
crash:
Runs notepad until the system crashes
beep:
gives out a beep.
block:
locks keybord and mouse on the remote computer
unblock:
unlocks keyboard and mouse
warn:
gives out a fake warning message: "System irrepareabel besch�digt. Das system muss gel�scht werden. Weiter mit OK."
black:
black screen and mouse & keyboard are blocked
normal:
restores the normal screen after the "black" & "fatal" & "hermine" & "flash" command
notepad:
opens notepad
fatal:
gives out a faked "blue-screen"
cdopen:
opens the cd-drive
cdclose:
closes the cddrive
flash:
screen flashes in black and white (changes every millisecond the color from black to white and from white to black in fullscreen-mode)
website1:
opens a german porno-site
website2:
opens a counterstrike-website
website3:
opens the homepage of the white house in USA
hermine:
shows a picture of Emma Watson
execute:
first type execute and send the command with the "send" button. Then Type in the box the complede path to the file and send it with the button. Now you have executed the file.
del:
Operates like the execute command, but instead of opening, it deletes files.
critical:
Operates like the execute, but it gives out a message with the critical symbol and the text you have sent as second.
quest:
operates like the above, but as a question-box
mousejumpon:
The cursor jumps over the screen...
mousejumpoff:
switches off the mousejumper
bscreen:
first send "bscreen" to the server. Then Send The text U want to have in the blackscreen. Now at the Server appears a Black screen with the text you have sendt.
all other things you type and are not in the list:
gives out a message-box with the text in it, who you have typed
(example: you type "hallo" and press send. Then at the remote computer appears a Message-box with the exclamation-symbol and the text "hallo".)
Jack LaneThis archive is an almost-complete reconstruction of the legendary Mega Security (also known as Kobayashi), a premier 90s-era "Trojan Database" where malware authors once showcased their work. After a decade offline, the site was brought back in August 2024 by its original creator, MasterRat, who authorized the Malware Gallery to host this modernized, searchable version of the collection. While the original site remains available for those seeking a nostalgic, old-school experience, we are proud to continue its legacy here. Full credit and thanks go to MasterRat and the retired Mega Security staff for their years of dedicated work in cataloging these historical samples.