Detect Date 10/05/2009
Class Trojan-GameThief
Platform Win32

This Trojan belongs to the family of Trojans that steals passwords from online gaming user accounts. It is a Windows application (PE EXE file). The file is 126 464 bytes in size. It is packed using ASPack. The unpacked file is approximately 516 KB in size. It is written in C++.


Once launched, the Trojan copies its original body to the current user’s temporary files directory under the following name:


It assigns “Hidden”, “Read Only”, and “System” attributes to this file. In order to ensure that the Trojan is launched automatically each time the system is restarted, the Trojan registers its executable file in the system registry autorun key:



Find out the statistics of the threats spreading in your region