Analysis by: Erika Bianca Mendoza

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

 OVERALL RISK RATING:
 REPORTED INFECTION:
 SYSTEM IMPACT RATING:
 INFORMATION EXPOSURE:

  • Threat Type: Spyware

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This spyware obtains passwords stored in the system and tabulates it in an HTML file.

  TECHNICAL DETAILS

File Size: 20,103 bytes
File Type: PE
Memory Resident: No
Initial Samples Received Date: 25 Feb 2011

NOTES:

This spyware obtains passwords stored in the system and tabulates it in an HTML file:

  • %Current%\pass.htm

It obtains passwords from the following:

  • Internet Explorer
  • Hotmail
  • HTTPMail
  • MSN
  • Outlook Express
  • POP3