Win32/PSW.Fignotok [Threat Name] go to Threat

Win32/PSW.Fignotok.B [Threat Variant Name]

Category trojan
Size 1622016 B
Detection created Jan 14, 2010
Detection database version 10146
Aliases Trojan-PSW.Win32.Dybalom.bkn (Kaspersky)
  PWS:Win32/Fignotok.A (Microsoft)
  PWS-Dybalom.gen.a.trojan (McAfee)
Short description

Win32/PSW.Fignotok.B is a trojan that steals passwords and other sensitive information. The trojan can send the information to a remote machine.

Installation

When executed, the trojan creates the following files:

  • %appdata%\­iStealer.exe (1261568 B, Win32/PSW.Fignotok.B)
Information stealing

Win32/PSW.Fignotok.B is a trojan that steals passwords and other sensitive information.


The trojan collects information related to the following applications:

  • Mozilla Firefox
  • Internet Explorer
  • Google Chrome
  • Opera
  • Trillian
  • Filezilla
  • Flash FXP
  • SmartFTP
  • CuteFTP
  • Pidgin
  • PalTalk
  • Google Talk
  • Internet Download Manager

The trojan gathers information related to the following services:

  • Windows Live
  • Steam
  • No-IP
  • DynDNS Updater

The trojan attempts to send gathered information to a remote machine.


The trojan contains a list of (2) URLs. The HTTP protocol is used.

Please enable Javascript to ensure correct displaying of this content and refresh this page.