
HackTool:Win32/Keydump


First posted on 06 July 2010.
Source: SecurityHome

Aliases:

HackTool:Win32/Keydump is also known as Win-AppCare/WinKeyfinder.272357 (AhnLab), not-a-virus:PSWTool.Win32.RAS.a (Kaspersky), FindKeyXP.A.dropper (Norman), HackTool.EEG (AVG), Win32/PSWTool.RAS.A (ESET), not-a-virus.Keyfinder.Findkey (Ikarus), RAS Key Editor (Sophos), CRCK_JBEAN.A (Trend Micro), Jelly Bean Keyfinder (Sophos).

Explanation:

HackTool:Win32/Keydump is a tool that retrieves Microsoft Windows XP and Microsoft Office product keys. It is also capable of modifying the current Windows XP product key and Windows registration information.
When run, it may create the folder "rarsfx0", in which it drops the following files:

  • chgxp.vbs
  • findkey.exe
  • officekey.exe
  • xpkey.exe

Analysis by Jireh Sanico

Last update 06 July 2010
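A triage check for the drop folder and file names listed in this entry, as an added example that is not part of the original write-up. The function names, the `min_hits` threshold and the sample directory tree are assumptions made for illustration; the check requires the listed file names inside the folder because a folder name by itself is a weak indicator.

```python
import os
import tempfile

# Names taken from the entry above; compared case-insensitively because
# Windows file systems are case-insensitive.
DROP_FOLDER = "rarsfx0"
DROPPED_FILES = {"chgxp.vbs", "findkey.exe", "officekey.exe", "xpkey.exe"}


def find_keydump_artifacts(root, min_hits=2):
    """Return [(folder_path, sorted matching names)] for each folder under
    root that is named like the drop folder and holds at least min_hits of
    the listed files (min_hits is an assumed threshold, tune as needed)."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if os.path.basename(dirpath).lower() != DROP_FOLDER:
            continue
        present = sorted({f.lower() for f in filenames} & DROPPED_FILES)
        if len(present) >= min_hits:
            findings.append((dirpath, present))
    return findings


def build_constructed_sample(root):
    """Create a constructed directory tree of empty files for the demo."""
    layout = {
        # Drop folder holding all four listed files (mixed case on purpose).
        "Temp/RarSFX0": ["chgxp.vbs", "FindKey.exe", "officekey.exe", "xpkey.exe"],
        # Same folder name, unrelated content: must not be reported.
        "Other/rarsfx0": ["setup.exe", "readme.txt"],
        # Listed names outside the drop folder: ignored by this check.
        "Docs": ["findkey.exe", "xpkey.exe"],
    }
    for folder, names in layout.items():
        path = os.path.join(root, *folder.split("/"))
        os.makedirs(path)
        for name in names:
            open(os.path.join(path, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        build_constructed_sample(sample_root)
        for folder, names in find_keydump_artifacts(sample_root):
            print(folder, names)
```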

     
