Home / malware HackTool:Win32/Keydump
First posted on 06 July 2010.
Source: SecurityHomeAliases :
HackTool:Win32/Keydump is also known as Win-AppCare/WinKeyfinder.272357 (AhnLab), not-a-virus:PSWTool.Win32.RAS.a (Kaspersky), FindKeyXP.A.dropper (Norman), HackTool.EEG (AVG), Win32/PSWTool.RAS.A (ESET), not-a-virus.Keyfinder.Findkey (Ikarus), RAS Key Editor (Sophos), CRCK_JBEAN.A (Trend Micro), Jelly Bean Keyfinder (Sophos).
Explanation :
HackTool:Win32/Keydump is a tool that retrieves Microsoft Windows XP and Microsoft Office product keys. It is also capable of modifying the current Windows XP product key and Windows registration information.
Top
HackTool:Win32/Keydump is a tool that retrieves Microsoft Windows XP and Microsoft Office product keys. It is also capable of modifying the current Windows XP product key and Windows registration information. When run it may create the folder "rarsfx0", in which it drops the following files:chgxp.vbs findkey.exe officekey.exe xpkey.exe The user interface may be similar to the following:
Analysis by Jireh SanicoLast update 06 July 2010