All In One Keylogger

Category: Adware and PUAs Protection available since:20 Dec 2011 11:02:08 (GMT)
Type: Unspecified PUA Last Updated:04 Nov 2015 04:18:24 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of All In One Keylogger include:

Example 1

File Information

Size
2.3M
SHA-1
0171d6a525598a7d8daa83e4a18c024cabfc6ea5
MD5
59a9022a6e7e1bca3ff03ea80c79b3bc
CRC-32
1ad7c74b
File type
Windows executable
First seen
2012-09-14

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\InprocServer32
    ThreadingModel
    Free
  • HKLM\SOFTWARE\Licenses
    {0AB249BA633C01DE5}
    V>□□□□□□□p□□□□□0□□`□□@□□`+□ f□□□□□□□□□□□□□□□□ =□□□□□=□□□□ `□□□□□B□□□□□`□□□□ V□□□□□□□□.□@b□□5□□□□□□□ y□p□□0-□0□□□□□□]□□□□□□□□□□□□□□□□□y□p=□□□□□]□□□□ □□□□□□□□0□□□q□□"□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□P□□□□□p□□P□□□□□□□□□
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}
    (Default)
    EAP Quarantine Enforcement Client Callback Component

Example 2

File Information

Size
2.3M
SHA-1
0853d13398d819d7019049fe2f885948ab46d7ff
MD5
96c62f4b4274c4ea8dcb9341b2084ffd
CRC-32
c04aa61d
File type
Windows executable
First seen
2015-09-27

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\ProgID
    (Default)
    DAO.Index.36
  • HKLM\SOFTWARE\Licenses
    {0AB249BA633C01DE5}
    V>□□□□□□□p□□□□□0□□□□□@□□□/□ f□□□□□□□□□□□□□□□□ =□□□□□=□P□□□d□`□□pF□□□□pd□`□□□R□`□□0□□□*□□f□01□ □□`□□ y□p□□0-□0□□□□□□]□□□□□□□□□□□□□□□□□y□p=□□□□□]□□□□ □□□□□□□□□□□□n□@v□□□□□□□□□□□i□ □□□□□□□□
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}
    (Default)
    DAO.Index.36

Example 3

File Information

Size
2.2M
SHA-1
08b9d160deed77d433d5e9325ce95c8277682d44
MD5
cc9f2f54034624a3a5496c55072df31c
CRC-32
98d2a9e7
File type
Windows executable
First seen
2015-11-02

Runtime Analysis

Registry Keys Created
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\ProgID
    (Default)
    TamperProtectionPlugin.TamperProtectionUIPlugin.1
  • HKLM\SOFTWARE\Licenses
    {0AB249BA633C01DE5}
    V>□□□□□□□p□□□□□0□□□□□@□□□ □ f□□□□□□□□□□□□□□□□ =□□□□□=□ □□□k□□□□□I□`□□□k□□□□□]□□□□@□□`%□□i□@>□P□□□□□ y□p□□0-□0□□□□□□]□□□□□□□□□□□□□□□□□y□p=□□□□□]□□□□ □□□□□□□□@□□ U□□]□@□□□□@7□0□□□□□
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\VersionIndependentProgID
    (Default)
    TamperProtectionPlugin.TamperProtectionUIPlugin
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}
    AppID
  • HKCR\CLSID\{C10A8A4D-E8D3-342C-99F9-9F564AE52EDA}\TypeLib
    (Default)
    {13D929D1-7083-11DE-A12A-000C29059B23}

download Try Sophos products for free
Download now