Win32/PSW.Legendmir [Threat Name] go to Threat

Win32/PSW.Legendmir.QL [Threat Variant Name]

Category trojan
Size 29184 B
Aliases Trojan-GameThief.Win32.Lmir.ql (Kaspersky)
  Infostealer.Lemir.Gen (Symantec)
  PWS:Win32/Lmir (Microsoft)
  TROJ_LEMIR.GL (TrendMicro)
Short description

The trojan collects information related to the on-line game Legend of Mir . The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.


The trojan is probably a part of other malware.

Information stealing

Win32/PSW.Legendmir.QL is a trojan that steals account names and passwords for the following online games:

  • Legend of Mir

The trojan collects the following information:

  • computer name
  • external IP address of the network device

The trojan attempts to send gathered information to a remote machine.


The trojan contains a URL address. The HTTP protocol is used in the communication.


Other information

The trojan hooks the following Windows APIs:

  • connect (ws2_32.dll, wsock32.dll)
  • send (ws2_32.dll, wsock32.dll)
  • recv (ws2_32.dll, wsock32.dll)

Please enable Javascript to ensure correct displaying of this content and refresh this page.