Actions Monitor
Actions Monitor is a Windows based application designed to monitors display and save all file system activity on a system. It is a Windows based application which records all file system actions which have been executed and allow saving it to text
file for further analysis. It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully
in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the
user.0
General information:
| Malware Name: |
Actions Monitor |
| Malware Type: |
Key Logger |
| Company Name: |
Segobit Software |
| Company URL: |
http://www.segobit.com
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Spyware Description:
Actions Monitor is a Windows based application designed to monitors display and save all file system activity on a system. It is a Windows based application which records all file system actions which have been executed and allow saving it to text
file for further analysis. It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully
in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the
user.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log0
Additional information might be found here:
Processes Running:
am102.EXE
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Actions Monitor\FILE_ID.DIZ |
396 |
DIZ File |
| C:\Program Files\Actions Monitor\Homepage.htm |
14081 |
HTML Document |
| C:\Program Files\Actions Monitor\fpc_vsm.gif |
1108 |
GIF Image |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Actions Monitor |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Actions Monitor |
UninstallString |
