Win32/PSW.LdPinch [Threat Name] go to Threat

Win32/PSW.LdPinch.NLP [Threat Variant Name]

Category trojan
Size 23040 B
Detection created Oct 08, 2009
Detection database version 4491
Aliases Trojan.Win32.Buzus.cezu (Kaspersky)
  Generic.PWS.y!bbb (McAfee)
  Infostealer (Symantec)
Short description

Win32/PSW.LdPinch.NLP is a trojan that steals passwords and other sensitive information. The trojan can send the information to a remote machine.

Installation

The trojan does not create any copies of itself.

Information stealing

Win32/PSW.LdPinch.NLP is a trojan that steals passwords and other sensitive information.


The trojan collects information related to the following applications:

  • The Bat!
  • ICQ
  • &RQ
  • Trillian IM
  • RASDIAL
  • Total Commander
  • Windows Commander
  • Becky! Internet Mail
  • Internet Explorer
  • Microsoft Outlook
  • Outlook Express
  • CuteFTP
  • E-Dialer
  • Far
  • WS_FTP Professional
  • Opera
  • Mozzila Firefox
  • QIP
  • Mozilla Thunderbird
  • Mail.Ru
  • Eudora
  • Punto Switcher
  • Gaim
  • FileZilla
  • FlashFXP
  • Windows Live Messenger
  • MSN Messenger
  • VDialer
  • SmartFTP
  • CoffeeCup
  • Direct FTP
  • RapGet
  • Rapidshare Instant Downloader
  • Universal Share Downloader
  • Windows Remote Desktop
  • FTP Commander

The trojan collects the following information:

  • operating system version
  • user name
  • computer name
  • list of disk devices and their type
  • network adapter information
  • list of running processes
  • current screen resolution
  • installed program components under  [HKEY_LOCAL_MACHINE\­SOFTWARE\­Microsoft\­Windows\­CurrentVersion\­Uninstall] Registry subkeys
  • CPU information
  • memory status

The trojan can send the information to a remote machine.


The trojan contains a list of (1) URLs.


The HTTP protocol is used.

Other information

The trojan interferes with the operation of some security applications to avoid detection.

Please enable Javascript to ensure correct displaying of this content and refresh this page.