..
Click anywhere to stop
Click anywhere to stop
Detect Date | 10/05/2009 |
Class | Trojan-GameThief |
Platform | Win32 |
Description |
This Trojan belongs to the family of Trojans that steals passwords from online gaming user accounts. It is a Windows application (PE EXE file). The file is 126 464 bytes in size. It is packed using ASPack. The unpacked file is approximately 516 KB in size. It is written in C++. InstallationOnce launched, the Trojan copies its original body to the current user’s temporary files directory under the following name: %Temp%herss.exe It assigns “Hidden”, “Read Only”, and “System” attributes to this file. In order to ensure that the Trojan is launched automatically each time the system is restarted, the Trojan registers its executable file in the system registry autorun key: [HKCUSoftwareMicrosoftWindowsCurrentVersionRun] "cdoosoft"="%Temp%herss.exe" |
Find out the statistics of the threats spreading in your region |