Win32/PSW.Mifeng [Threat Name] go to Threat

Win32/PSW.Mifeng.W [Threat Variant Name]

Category trojan
Size 16353 B
Detection created Aug 06, 2007
Detection database version 2440
Aliases Trojan-PSW.Win32.Mifeng.w (Kaspersky)
  Trojan:Win32/Ordpea.A (Microsoft)
  PWS-Mifeng (McAfee)
Short description

The trojan collects various information related to online computer games. The trojan attempts to send gathered information to a remote machine.

Installation

When executed, the trojan copies itself into the following location:

  • %temp%\­WinSrv.EXE

This copy of the trojan is then executed.


The following Registry entry is set:

  • [HKEY_LOCAL_MACHINE\­SOFTWARE\­Microsoft\­Windows\­CurrentVersion\­Policies\­Explorer\­Run]
    • "WinSrv" = "%temp%\­WinSrv.EXE"

After the installation is complete, the trojan deletes the original executable file.

Other information

Win32/PSW.Mifeng.W is a trojan that steals account names and passwords for the following online games:

  • Soul Of The Ultimate Nation Online

The trojan gathers information related to the following processes:

  • Sungame.exe (Soul Of The Ultimate Nation Online)

The trojan attempts to send gathered information to a remote machine.


The trojan contains a list of (2) URLs. The HTTP protocol is used.


The trojan may terminate specific running processes.

Please enable Javascript to ensure correct displaying of this content and refresh this page.