Snoozegnat.7z

Information theft and persistent backdoor access.

What’s Inside?
A legitimate, digitally signed executable used for "DLL side-loading." By using a trusted binary, the attacker lowers the suspicion level of the initial process start.
An obfuscated configuration file containing Command & Control (C2) server addresses and sleep timers (hence the name "Snooze").

Execution Chain: How it Works
The user is enticed to extract the archive and run the "launcher."
Once awake, it communicates with a hardcoded IP via HTTPS, disguised as standard telemetry traffic.

Behavioral Indicators (IoCs)
Creation of temporary .tmp files in the %AppData% directory that match the size of your system's ntdll.dll.

Conclusion & Mitigation
Monitor for long-duration "sleep" processes that suddenly initiate external network connections.