Mal/DarkShell-A is a Trojan that is propagates as a mischievous help (.HLP) file via social engineering. Cybercrooks strive to fool victims into opening the malicious file and, thus, affecting their computers with a spyware keylogger. If the corrupt file is opened, an error message is displayed. In the background, another infectious file is dropped onto the PC, which in turn creates one more file. Mal/DarkShell-A logs keystrokes of the PC user and sends them to remote attackers.
How Can You Detect Mal/DarkShell-A?
Mal/DarkShell-A Technical Report
As new Mal/DarkShell-A details are reported by our customers and findings from our Threat Research Center, we will update this section.
URLs, domains, and websites related or accessed by Mal/DarkShell-A (do not visit them):
Mal/DarkShell-A Removal Details
Mal/DarkShell-A has typically the following processes in memory:
Mal/DarkShell-A creates the following files in the system:
- \Documents and Settings\username\Local Settings\Application Data\UserData.dat