Home / malwarePDF  

HackTool:Win32/Keydump


First posted on 06 July 2010.
Source: SecurityHome

Aliases :

HackTool:Win32/Keydump is also known as Win-AppCare/WinKeyfinder.272357 (AhnLab), not-a-virus:PSWTool.Win32.RAS.a (Kaspersky), FindKeyXP.A.dropper (Norman), HackTool.EEG (AVG), Win32/PSWTool.RAS.A (ESET), not-a-virus.Keyfinder.Findkey (Ikarus), RAS Key Editor (Sophos), CRCK_JBEAN.A (Trend Micro), Jelly Bean Keyfinder (Sophos).

Explanation :

HackTool:Win32/Keydump is a tool that retrieves Microsoft Windows XP and Microsoft Office product keys. It is also capable of modifying the current Windows XP product key and Windows registration information.
Top

HackTool:Win32/Keydump is a tool that retrieves Microsoft Windows XP and Microsoft Office product keys. It is also capable of modifying the current Windows XP product key and Windows registration information. When run it may create the folder "rarsfx0", in which it drops the following files:

  • chgxp.vbs
  • findkey.exe
  • officekey.exe
  • xpkey.exe
  • The user interface may be similar to the following:

    Analysis by Jireh Sanico

    Last update 06 July 2010

     

    TOP

    Malware :