Home / malware

PDF

TrojanSpy:Win32/PerfectKeylogger.B

First posted on 17 May 2010.
Source: SecurityHome

Aliases :

TrojanSpy:Win32/PerfectKeylogger.B is also known as not-a-virus:Monitor.Win32.Perflogger.cb (Kaspersky), Application.Keylogger.PVY (BitDefender), Win32/Perflogger.AH (CA), Trojan.Peflog.168 (Dr.Web), Win32/Spy.PerfKey.NAA (ESET), not-a-virus:Monitor.Win32.Perflogger (Ikarus), Perfect Keylogger (Sophos), Trojan.Win32.PerfectKeylogger.AB (Sunbelt Software), TROJ_QDOWN.I (Trend Micro).

Explanation :

TrojanSpy:Win32/PerfectKeylogger.B is a trojan that can log keystrokes and mouse clicks, and capture screenshots of the computer in which it is installed. It then sends its gathered information to a remote attacker via e-mail or FTP.
Top

TrojanSpy:Win32/PerfectKeylogger.B is a trojan that can log keystrokes and mouse clicks, and capture screenshots of the computer in which it is installed. It then sends its gathered information to a remote attacker via e-mail or FTP. Installation TrojanSpy:Win32/PerfectKeylogger.B is distributed as a WinRAR SFX package. When executed, it drops the following Perfect Keylogger components:

bpk.exe

bpkhk.dll

bpkwb.dll

inst.dat

pk.bin

rinst.exe

It also drops a clean file named "muplayer.exe". Payload Gathers sensitive information TrojanSpy:Win32/PerfectKeylogger.B can log keystrokes and mouse clicks, and capture screenshots of the computer in which it is installed. It then sends its gathered information to a remote attacker via e-mail or FTP.

Analysis by Chun Feng

Last update 17 May 2010

 

TOP