Win32/PSW.OnLineGames [Threat Name] go to Threat

Win32/PSW.OnLineGames.AQLO [Threat Variant Name]

Category trojan
Size 6656 B
Detection created Aug 01, 2008
Detection database version 3317
Aliases Trojan-GameThief.Win32.OnLineGames.aqlo (Kaspersky)
  Infostealer.Gampass (Symantec)
  PWS:Win32/OnLineGames (Microsoft)
Short description

The trojan collects various information related to online computer games. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.


In order to be executed on every system start, the trojan sets the following Registry entry:

  • [HKEY_CURRENT_USER\­Software\­Microsoft\­Windows\­CurrentVersion\­Run]
    • "butme.exe" = "%malwarefilepath%"
Information stealing

The trojan collects various information related to online computer games.


The trojan collects information related to the on-line game Age of Conan .


The trojan attempts to send gathered information to a remote machine.

Other information

Win32/PSW.OnLineGames.AQLO is a trojan which tries to download other malware from the Internet.


The trojan contains a list of (3) URLs.


It tries to download a file from the addresses.


The file is stored in the following location:

  • %temp%\­%variable%.exe

The file is then executed. The HTTP protocol is used.


A string with variable content is used instead of %variable% .

Please enable Javascript to ensure correct displaying of this content and refresh this page.