ICQ Sniff

ICQ Sniff sniffs and decrypts messages and URLs sent from the server to an ICQ client. It runs in stealth mode, hidden from the user, and has the ability to store captured data for later retrieval by or transmission to another computer.

General information:

Malware Name: ICQ Sniff
Malware Type: Key Logger
Company Name: Ufasoft Inc
Company URL: http://www.ufasoft.com/
Threat Level: Elevated Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation

Company Description:

Ufasoft Inc provides the keylogger ICQ Sniff, a program that intercepts messages and user details, including passwords, across the whole LAN in real time. All messages to and from all LAN users can be received and viewed at the same time they are received or sent. All intercepted messages are also stored in files, which can later be processed and analyzed.

Spyware Description:

ICQ Sniff sniffs and decrypts messages and URLs sent from the server to an ICQ client. It runs in stealth mode, hidden from the user, and has the ability to store captured data for later retrieval by or transmission to another computer.

Characteristics/Symptoms:

    -> Monitors and captures data from computers
    -> Runs in stealth mode
    -> Intercepts keystrokes from the keyboard and records them in a log
    -> Starts with the operating system

Processes Running:

icqsnif.exe

File information Created after Installation:

File Location | Size (Bytes) | Type
C:\Documents and Settings\[USER]\Start Menu\Programs\Ufasoft Snif\Ufasoft Snif.lnk | 642 | Shortcut
C:\Program Files\Ufasoft\Sniffer\setup.exe | 44032 | Application
C:\Program Files\Ufasoft\Sniffer\usft_sn4.sys | 15760 | System file

Folder information Created after Installation:

Folder Location
C:\Program Files\Ufasoft\Sniffer
C:\Program Files\Ufasoft\Sniffer\LNG

Registry information Created after Installation:

Main Registry Key | Sub Registry Key | Key Value Name
HKEY_CURRENT_USER | Software\Microsoft\Windows\CurrentVersion\Uninstall\UfasoftSniffer | UninstallString