Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-PSW Win64

Trojan-PSW.Win64.Coins.gjl

Update Date
05/14/2026

Class: Trojan-PSW

Trojan-PSW programs are designed to steal user account information such as logins and passwords from infected computers. PSW is an acronym of Password Stealing Ware. When launched, a PSW Trojan searches system files which store a range of confidential data or the registry. If such data is found, the Trojan sends it to its “master.” Email, FTP, the web (including data in a request), or other methods may be used to transit the stolen data. Some such Trojans also steal registration information for certain software programs.

Read more

Platform: Win64

Win64 is a platform on Windows-based operating systems for execution of 32-/64-bit applications. Win64 programs cannot be launched on 32-bit versions of Windows.

Family: Trojan-PSW.Win64.Coins

No family description

Examples

142120EEF7991AEDF0C71D02D3A60E22

Tactics and Techniques: Mitre*

TA0007
Discovery
The adversary is trying to figure out your environment. Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what's around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective.
T1033
System Owner/User Discovery
Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping. The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from System Owner/User Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.

* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
22 May 2026
Securelist
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
20 May 2026
Securelist
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
18 May 2026
Securelist
IT threat evolution in Q1 2026. Mobile statistics
18 May 2026
Securelist
IT threat evolution in Q1 2026. Non-mobile statistics
14 May 2026
Securelist
Kimsuky targets organizations with PebbleDash-based tools
12 May 2026
Securelist
State of ransomware in 2026
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
You must select at least one severity level
Do you want to save your changes?
Your message has been sent successfully.