Medium
Researchers have observed a Trojan in the wild that is designed to steal information from a system. TroyStealer is the latest in info-stealing malware. Its purpose is to gather login information such as usernames and passwords and to log keystrokes. The Trojan then sends this information back to another system via email. As with other types of Trojans, the infiltration typically begins with an email describing some sort of issue with a bank account, some kind of intriguing information, or another curiosity-based lure. The email contains an attachment which, when executed, performs the information-stealing activities. The malware injects itself into a process and begins collecting information. The Trojan accesses several INI files, deletes other types of files, and gathers information on security products, the OS version, and registry keys. Finally, the malware uses a speed test website to validate that there is an Internet connection. If the connection is present, the malware authenticates over SMTP with an email server, to which it sends the harvested information.
DAB6194F16CEFDB400E3FB6C11A76861
7c3289cdc59a8cf32feac66069d09c48a930d4665f740968521adaf870172644
C76A9FB1A2AE927BF9C950338BE5B391FED29CD7
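The final stage described above (a connectivity check against a speed test site, followed by SMTP from the same process) can be hunted as a behaviour chain. The sketch below is an added example, not part of the original advisory; the event field names, the placeholder domain `speedtest.example`, the mail-client allowlist, the process names and the 5-minute window are all assumptions to adapt to your own telemetry.

```python
from datetime import datetime, timedelta

# Assumptions (not from the advisory): field names, domain list,
# allowlist and correlation window are illustrative only.
SPEEDTEST_DOMAINS = {"speedtest.example"}   # placeholder; fill from your own telemetry
SMTP_PORTS = {25, 465, 587}
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}

def find_check_then_smtp(events, window=timedelta(minutes=5)):
    """Return (host, process, domain, port) tuples where one process resolved
    a speed-test domain and then opened an outbound SMTP connection."""
    last_check = {}   # (host, process) -> (timestamp, domain)
    hits = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["host"], ev["process"].lower())
        if ev["type"] == "dns" and ev["query"].lower().rstrip(".") in SPEEDTEST_DOMAINS:
            last_check[key] = (ev["ts"], ev["query"])
        elif ev["type"] == "conn" and ev["dport"] in SMTP_PORTS:
            # Legitimate mail clients speak SMTP; skip them and any process
            # that never performed the connectivity check.
            if key[1] in MAIL_CLIENTS or key not in last_check:
                continue
            seen, domain = last_check[key]
            if ev["ts"] - seen <= window:
                hits.append((ev["host"], ev["process"], domain, ev["dport"]))
    return hits

def _t(s):
    return datetime.fromisoformat(s)

def _dns(ts, host, proc, query):
    return {"ts": _t(ts), "host": host, "process": proc, "type": "dns", "query": query}

def _conn(ts, host, proc, dport):
    return {"ts": _t(ts), "host": host, "process": proc, "type": "conn", "dport": dport}

# Constructed sample telemetry (not real logs).
SAMPLE_EVENTS = [
    _dns("2020-06-01T10:00:00", "ws1", "injected.exe", "speedtest.example"),
    _conn("2020-06-01T10:00:20", "ws1", "injected.exe", 587),   # check, then SMTP
    _dns("2020-06-01T10:01:00", "ws2", "outlook.exe", "speedtest.example"),
    _conn("2020-06-01T10:01:05", "ws2", "outlook.exe", 587),    # allowlisted client
    _dns("2020-06-01T10:02:00", "ws3", "browser.exe", "speedtest.example"),
    _conn("2020-06-01T10:02:03", "ws3", "browser.exe", 443),    # not SMTP
    _dns("2020-06-01T09:00:00", "ws4", "backup.exe", "speedtest.example"),
    _conn("2020-06-01T10:30:00", "ws4", "backup.exe", 25),      # outside window
]

if __name__ == "__main__":
    for hit in find_check_then_smtp(SAMPLE_EVENTS):
        print("suspicious:", hit)
```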