HKTL_POLBINDER.GA

This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user.

Arrival Details

This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It may be manually installed by a user.

Other Details

This hacking tool requires the following additional components to properly run:

• {Current Malware Path}\Binder.tmp

It does the following:

• Provides the following file options:
  • Choose files to bind
  • Customize the Error message
  • Customize the Icon
  • Choose where the bound file extracts to:
    • %User Temp%
    • %Windows%
    • Current Directory
  • Run Automatically
  • Compress the files
  • Choose from different extensions:
    • .exe
    • .scr
    • .com
    • .cmd
    • .pif
• Binds two or more files as one executable file
• Names the bound files as "Gotowe.{chosen extension}"

NOTES:

Language used: Polish

Clicking on the ? button provides the following:

• Information on the hacking tool and its creator
• Websites used by the hack tool creator:
  • {BLOCKED}agacz.net
  • {BLOCKED}crew.net
  • {BLOCKED}r.com.pl
• Email address {BLOCKED}gacz@wspomagacz.net used by the hacking tool creator

It uses the following graphical user interface (GUI):