SecurityHome.eu VirTool:WinNT/Gearclop.A

Home / malware PDF

VirTool:WinNT/Gearclop.A

First posted on 08 June 2010.
Source: SecurityHome
Aliases :
There are no other names known for VirTool:WinNT/Gearclop.A.
Explanation :
VirTool:WinNT/Gearclop.A is a trojan component installed by Win32/Gearclop. Its purpose is to send keystrokes to dismiss alert windows displayed by security software.
Top

VirTool:WinNT/Gearclop.A is a trojan component installed by Win32/Gearclop. Its purpose is to send keystrokes to dismiss alert windows displayed by security software. InstallationVirTool:WinNT/Gearclop.A is installed by Trojan:Win32/Gearclop.gen!C as the following: %temp%\kslfdd.sys Payload Dismisses security software detection alertsThe dropped component "kslfdd.sys" is used by Trojan:Win32/Gearclop.gen!C to send keystrokes to dismiss alert windows from antivirus and firewall software.

Analysis by Chun Feng
Last update 08 June 2010

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

VirTool:WinNT/Gearclop.A