KeyLover
KeyLover 2.1 is highly critical keylogger which can be used for for logging every keystroke typed at the PC keyboard, recording these keystrokes into specified key log files, and transmitting them to a FTP or SMTP account.It Logs virtually any keystrokes
typed in any Windows application including Internet Explorer, customizable log file size (from 0 to infinity!), stealth operation (customizable by the user),circular logging mechanism, loadable at Windows startup ,logs date and time for each application,
logs window title (caption),encrypts logs on user demand to prevent unauthorized access, simple user interface allows easy and fast setup, SMTP engine to send logs to an email address, FTP engine to send logs to a FTP account, configurable transmission
intervals (for FTP and SMTP),built-in decryptor for log reading ,remote Log Reader 2.1 (free) allows remote access for log reading.0
General information:
| Malware Name: |
KeyLover |
| Malware Type: |
Key Logger |
| Company Name: |
KernelTek |
| Company URL: |
http://kerneltek.com/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
KernelTek is a private company formed by a gathering of IT, electronics, and communications engineers. The headquarters, located in France is led by the major European engineering company, Maxal Systems. The company is functionally divided into three
main sections; sales, R&D, and engineering. The coincidence of many expertise and professions has enabled KernelTek develop solutions for a wide range of applications in the industry. Software development is in primary focus at KernelTek for now.
However, electronic and digital design for communications, instrumentation and control is among the possibities. KernelTek has provided solutions in the fields of DSP based systems, FPGA designs; microcontroller based electronics, and industrial electronics,
as well as communications board and system level implementations.
Spyware Description:
KeyLover 2.1 is highly critical keylogger which can be used for for logging every keystroke typed at the PC keyboard, recording these keystrokes into specified key log files, and transmitting them to a FTP or SMTP account.It Logs virtually any keystrokes
typed in any Windows application including Internet Explorer, customizable log file size (from 0 to infinity!), stealth operation (customizable by the user),circular logging mechanism, loadable at Windows startup ,logs date and time for each application,
logs window title (caption),encrypts logs on user demand to prevent unauthorized access, simple user interface allows easy and fast setup, SMTP engine to send logs to an email address, FTP engine to send logs to a FTP account, configurable transmission
intervals (for FTP and SMTP),built-in decryptor for log reading ,remote Log Reader 2.1 (free) allows remote access for log reading.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
KeyLover21.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\KernelTek\KeyLover21\Dll\kl21.dll |
3072 |
Application Extension |
| C:\Program Files\KernelTek\KeyLover21\Readme.txt |
8559 |
Text Document |
| C:\Program Files\KernelTek\KeyLover21\mailtest.txt |
526 |
Text Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\KernelTek\KeyLover21 |
| C:\Program Files\KernelTek\KeyLover21\Dll |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\KernelTek\KeyLover\Cfg |
Use SMTP |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\KernelTek\KeyLover\Cfg |
Use SMTP Authentication |
