AB System Spy
It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either
finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs
are commonly included in rootkits and RATs (remote administration trojans).0
General information:
| Malware Name: |
AB System Spy |
| Malware Type: |
Key Logger |
| Company Name: |
Aby Software |
| Company URL: |
http://www.abysoftware.com/
|
| Threat Level: |
|
| Operating System: |
|
| Installation Type: |
|
| Operation: |
|
Company Description:
Aby Software was founded in 1997 as a software development company. It developed a network of software related sites that currently covers eight separate projects, including one of the most popular software archives on the web, Free Downloads Center.
It provides high quality software solutions both to home users and small, medium and large-scale businesses. The range of its products presents more than twenty different titles varying from games to database applications.
Spyware Description:
It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either
finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are
commonly included in rootkits and RATs (remote administration trojans).0
Characteristics/Symptoms:
-> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Monitor and capture data from computers -> Starts with the operating system -> Hidden from the user0
Additional information might be found here:
Processes Running:
system.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\SSystem v5.1.1 build 3\abss.url |
50 |
Internet Shortcut |
| C:\Program Files\SSystem v5.1.1 build 3\license.txt |
850 |
Text Document |
| C:\Program Files\SSystem v5.1.1 build 3\unins000.dat |
6349 |
DAT File |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\SSystem v5.1.1 build 3 |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AB System Spy v5.1.1 build 3_is1 |
URLInfoAbout |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AB System Spy v5.1.1 build 3_is1 |
URLUpdateInfo |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AB System Spy v5.1.1 build 3_is1 |
UninstallString |
