This Trojan program is designed to steal user passwords. It is a Windows PE EXE file. The file is 23,040 bytes in size. It is written in Visual Basic.
The Trojan will steal passwords to modem connections.
The Trojan sends the harvested passwords by email to the remote malicious user’s at:
The Trojan also creates the following registry key, and save its configuration to this key:
[HKCUSoftwareVB and VBA Program SettingsTHDetect]
The Trojan also displays the following message:
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program: