KeyTrap
This stealth key-logger program will monitor and record all keyboard activity in Invisible mode. The keystrokes are stored in an encrypted file in a secret location. An administrator program is available for retrieving the keystroke information in
a convenient report format. The report stores the keystrokes according to application, as well as date and time. The program will record everything, including all passwords typed and all chat room activity.0
General information:
| Malware Name: |
KeyTrap |
| Malware Type: |
Key Logger |
| Company Name: |
CompuPhase |
| Company URL: |
http://www.compuphase.com/
|
| Threat Level: |
Elevated Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
CompuPhase develops software and hardware per specification, and markets several products that it produces. It builds both software and hardware developments (electronics, embedded systems) that on specification. Products that it developed in-house
as well as products that it distribute and support, e.g. the CompuPhase Programmable MP3 Player/Controller. Some of its products are freely available and most of its products are available with full source code. CompuPhase specializes in programming
of applications and tools for IBM PC compatible systems, and the design and implementation of custom electronics.
Spyware Description:
This stealth key-logger program will monitor and record all keyboard activity in Invisible mode. The keystrokes are stored in an encrypted file in a secret location. An administrator program is available for retrieving the keystroke information in
a convenient report format. The report stores the keystrokes according to application, as well as date and time. The program will record everything, including all passwords typed and all chat room activity.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\KeyTrap\bin\KEYTRAP.SYS |
6400 |
System file |
| C:\KeyTrap\examples\VBASIC\KT_DLLVB.inc |
8551 |
INC File |
| C:\KeyTrap\include\KeyTrap.h |
5543 |
H File |
Folder information Created after Installation:
| Folder Location |
| C:\KeyTrap\include |
| C:\KeyTrap\lib |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallCompuPhase KeyTrap |
DisplayName |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CompuPhase KeyTrap |
UninstallString |
