SecurityHome.eu VirTool:Win32/HookGina.A

Home / malware PDF

VirTool:Win32/HookGina.A

First posted on 29 October 2010.
Source: SecurityHome
Aliases :
VirTool:Win32/HookGina.A is also known as Backdoor.Win32.Hupigon.ligv (Kaspersky), Backdoor.Hupigon.LECW (VirusBuster), BDS/Hupigon.ligv (Avira), Bck/Hupigon.LNQ (Panda), Backdoor.Win32.Hupigon (Sunbelt Software).
Explanation :
VirTool:Win32/HookGina.A is the DLL component of a tool called "WinlogonHack". It can be used to steal the user's Windows logon information.
Top

VirTool:Win32/HookGina.A is the DLL component of a tool called "WinlogonHack". It can be used to steal the user's Windows logon information. When run, it drops the following file in the Windows system folder: boot.dat VirTool:Win32/HookGina.A hooks the function "WlxLoggedOutSAS" to steal the following user information: user name password domain

Analysis by Jingli Li
Last update 29 October 2010

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

VirTool:Win32/HookGina.A