Home / malware VirTool:Win32/HookGina.A
First posted on 29 October 2010.
Source: SecurityHomeAliases :
VirTool:Win32/HookGina.A is also known as Backdoor.Win32.Hupigon.ligv (Kaspersky), Backdoor.Hupigon.LECW (VirusBuster), BDS/Hupigon.ligv (Avira), Bck/Hupigon.LNQ (Panda), Backdoor.Win32.Hupigon (Sunbelt Software).
Explanation :
VirTool:Win32/HookGina.A is the DLL component of a tool called "WinlogonHack". It can be used to steal the user's Windows logon information.
Top
VirTool:Win32/HookGina.A is the DLL component of a tool called "WinlogonHack". It can be used to steal the user's Windows logon information. When run, it drops the following file in the Windows system folder: boot.dat VirTool:Win32/HookGina.A hooks the function "WlxLoggedOutSAS" to steal the following user information: user name password domain
Analysis by Jingli LiLast update 29 October 2010
