Largest Directoty of Internet Security Software

Internet Security Threats

Home Software Threats Security
News		  

Trojan-PSW.Win32.LdPinch.awp

RISK LEVEL:2

This Trojan steals confidential data. The program itself is a Windows PE EXEfile. It is written in Assembler. It is 23,552 bytes in size. It is packedusing UPX. The unpacked file is approximately 220KB in size.

When launching, the Trojan decrypts its body to memory, and then:

  • Searches the system for Kaspersky Anti-Virus and firewall warnings.It will then create a rule to allow the Trojan activity by simulating a clickon buttons within dialogue Windows.
  • Collects data about the operating system version, system time,system folders, screen options, presence of an address book, accessible memory,account details of the current user, victim machine's network ID, and serialnumber of the hard disk. Also gets data about logical disks present on thesystem, their type and amount of free space, as well as a list of current processes.
  • Harvests data from the configuration files of the following programs:
    • The Bat!
    • Mirabilis ICQ
    • Miranda
    • Trillian
    • Total Commander
    • Microsoft Outlook
    • CuteFTP
    • FAR
    • Opera
    • Mozilla Firefox
    • QIP
    • MailRu agent
    • Qualcomm Eudora
    • Punto Switcher
    • Gaim
    • Mozilla Firefox
    • FileZilla
    • FlashFXP
    • Passport.Net
    • &RQ

The Trojan sends harvest data in the form of a HTML request to ricoger.com:

http://ricoger.com/p1/****.php

If your computer does not have an up-to-date antivirus, or does not have anantivirus solution at all, follow the instructions below to delete the maliciousprogram:

  1. Use Task Manager to terminate the Trojan process.
  2. Delete the original Trojan file (the location will depend onhow the program originally penetrated the victim machine).
  3. Update your antivirus databases and perform a full scan of thecomputer (download a trial version of Kaspersky Anti-Virus).


Printed From:http://www.viruslist.com/en/viruses/encyclopedia?virusid=134160

Similar Virus/Threat >>
  •   Trojan-PSW.Win32.LdPinch.bok
    • This Trojan is designed to steal confidential information (user passwords).It is designed to steal a range of confidential information. It is a Windows PE EXE file. It is 54,784 bytes in size. It...
  •   Trojan-PSW.Win32.LdPinch.bkk
    • This Trojan is designed to steal confidential information (user passwords).It is designed to steal a range of confidential information.It is a Windows PE EXE file. The file is approximately 49KB in...
  •   Trojan-PSW.Win32.LdPinch.bik
    • This Trojan is designed to steal confidential information (user passwords).It is designed to steal a range of confidential information. It is a Windows PE EXE file. It is 25,600 bytes in size. It...
  •   Trojan-PSW.Win32.Proctor
    • This Trojan is designed to steal user passwords. It is a Windows PE EXE file.It is 18,944 bytes in size.When launched, the Trojan displays the following dialogue box:The user is requested to check...


  • Window Washer
    		•
  • symantec PCanywhere 12.0
    		•
  • Kaspersky Anti-Hacker
    		•
  • iSpyNOW
    		•
  • Diet Kaza
    		•

    Acronis Privacy Expert Suite 8.0
    (31,781KB - $29.99)
    AIM Spy Monitor 2007
    (3,145KB - $39.99)
    BlazingTools Secure Office
    (1,301KB - $54.95)
    Yahoo! Messenger Spy Monitor 2007
    (4,034KB - $39.99)
    Encrypt my Folder
    (1,530KB - $24.95)

    Cookie Cleaner   |    History Eraser   |    Popup Killer   |   Firewall   |   Antivirus   |   Security Encryption   |   UnInstaller   |   Security News
    eTrust Pestpatrol Anti-Spyware   PestPatrol 5   Ad-Aware SE Removal   Ad-Aware SE   Ad-Watch   SpyFighter Cleaner Pro   Free Adware Remover   Spy Sweeper  Webroot Spy Sweeper 
    Copyright © 2002-2007 Internet Security Software.All rights reserved.
    Directory of Internet Security Software - Cookie & Cache Cleaner, History & Evidence Eraser, Popup Killer, Firewall