FKWP
FKWP is a firewall-bypassing keylogger that logs all keystrokes. It also controls files on the remote system.
General information:
Malware Name: FKWP
Malware Type: Key Logger
Company Name: elitec0ders.net
Company URL: http://elitec0ders.net/
Threat Level: Elevated Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation
Company Description:
elitec0ders.net provides the software FKWP, with the following listed features:
-> Logs all keystrokes.
-> Downloads two CAB files, then extracts and executes the EXEs inside (firewall bypass).
-> Sender for Protected Storage (Outlook, IE stored passwords) and cached dial-up passwords.
-> Keystrokes and passwords are mailed to the email ID daily or when the log size is over.
-> Firewall bypassing by injecting code into IE and sending mail.
-> No process visible; injects into Explorer.exe on startup and exiting.
-> Active Setup startup.
-> EXE size of 12KB.
-> Encrypted log file.
-> File manager for controlling the remote system.
It is a firewall-bypassing keylogger with a file manager for controlling files on a remote system.
Spyware Description:
FKWP is a firewall-bypassing keylogger that logs all keystrokes. It also controls files on the remote system.
Characteristics/Symptoms:
-> It logs all keystrokes and is a firewall-bypassing keylogger.
-> It controls files in the remote system.
Processes Running:
File information Created after Installation:
File Location | Size (Bytes) | Type
C:\WINDOWS\system32\regc64.dll | 10240 | Application Extension
C:\WINDOWS\system32\rgml.dll | 569 | Application Extension
C:\WINDOWS\system32\ssvchost.com | 12207 | MS-DOS Application
Folder information Created after Installation:
Registry information Created after Installation:
Main Registry Key | Sub Registry Key | Key Value Name