PWS:Win32/Ldpinch.gen!LogA


First posted on 08 April 2019.
Source: Microsoft

Aliases :

There are no other names known for PWS:Win32/Ldpinch.gen!LogA.

Explanation :

PWS:Win32/Ldpinch.gen!LogA is a log file created by Win32/Ldpinch.

Win32/Ldpinch is a family of password-stealing trojans. This trojan gathers private user data such as passwords from the host computer and sends the data to the attacker at a preset e-mail address. The Win32/Ldpinch trojans use their own Simple Mail Transfer Protocol (SMTP) engine or a web-based proxy for sending the e-mail, thus copies of the sent e-mail will not appear in the affected user's e-mail client.

A Win32/Ldpinch trojan typically takes the following actions on the host computer:

- Creates a copy of itself in the Windows folder or the system folder. The file name of the copy may vary.
- Creates an entry under one or both of the following registry subkeys to run this copy of the trojan each time Windows starts:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Attempts to gather data from the host computer. The Win32/Ldpinch trojan may gather data such as e-mail addresses, passwords, and system configuration information, including registry settings. It may also gather data from installed applications such as &RQ, FAR, ICQ, The Bat!, and Total Commander.
- Encodes the passwords and sends them along with other collected information to a preset e-mail address.
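
The persistence pattern described above (a Run entry that starts a file sitting directly in the Windows folder or the system folder) can be triaged from exported `reg query` output. The following is an added example, not part of the original Microsoft entry; the sample output, the value names and file names in it, and the default `C:\Windows` install path are constructed assumptions. Legitimate software also registers Run entries in these folders, so the result is a review list to compare against a known-good baseline, not a detection of Win32/Ldpinch.

```python
import re
from ntpath import dirname, normpath

# Constructed sample of `reg query` output for the two Run subkeys (not real data).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    svcupd    REG_SZ    C:\Windows\svcupd32.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    helper    REG_SZ    "C:\WINDOWS\system32\hlpsvc.exe" -s
"""

WINDIR = r"c:\windows"  # assumption: default Windows install path
WATCHED = {WINDIR, WINDIR + r"\system32"}  # Windows folder and system folder
VALUE = re.compile(r"^\s{4}(.+?)\s{4}(REG_\w+)\s{4}(.*)$")
ENV = re.compile(r"%(windir|systemroot)%", re.I)

def exe_path(data):
    """Return the normalized executable path of a Run value, without quotes or arguments."""
    data = ENV.sub(lambda _m: WINDIR, data.strip())
    if data.startswith('"'):
        path = data[1:].split('"', 1)[0]
    else:
        m = re.match(r"(.+?\.exe)\b", data, re.I)
        path = m.group(1) if m else data.split(" ", 1)[0]
    return normpath(path).lower()

def triage(reg_output, known_good=frozenset()):
    """List (key, value name, path) for Run entries that start a file located
    directly in the Windows or system folder and not in the known_good set."""
    key, hits = None, []
    for line in reg_output.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE.match(line)
        if m is None or key is None:
            continue
        name, _reg_type, data = m.groups()
        path = exe_path(data)
        if dirname(path) in WATCHED and path not in known_good:
            hits.append((key, name, path))
    return hits

if __name__ == "__main__":
    baseline = {r"c:\windows\system32\securityhealthsystray.exe"}
    for key, name, path in triage(SAMPLE, baseline):
        print(f"REVIEW {key} -> {name} = {path}")
```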

Last update 08 April 2019

 
