PWS:Win32/OnLineGames.KQ

By LoneStar in Trojans

Translate To:

Threat Scorecard

Threat Level:	80 % (High)
Infected Computers:	21

First Seen:	January 7, 2013
Last Seen:	March 26, 2022
OS(es) Affected:	Windows

PWS:Win32/OnLineGames.KQ is a Trojan that steals passwords for online games from affected Internet users. While being installed on the victimized computer, PWS:Win32/OnLineGames.KQ downloads potentially harmful files. PWS:Win32/OnLineGames.KQ is installed as a DLL file, and when loaded by 'iexplore.exe', PWS:Win32/OnLineGames.KQ strives to steal user account credentials if the PC user logs on to any of particular websites. PWS:Win32/OnLineGames.KQ also controls and grabs the computer owner's credentials if particular processes associated with online games are running on the targeted PC. PWS:Win32/OnLineGames.KQ may log the gathered details into specific files. PWS:Win32/OnLineGames.KQ then forwards the collected data to any of websites via HTTP POST.

Table of Contents

SpyHunter Detects & Remove PWS:Win32/OnLineGames.KQ

File System Details

PWS:Win32/OnLineGames.KQ may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	21.exe	ebefee9de7d429fe00593a1f6203cd6a	4
Name: 21.exe MD5: ebefee9de7d429fe00593a1f6203cd6a Size: 56.22 KB (56224 bytes) Detections: 4 Type: Executable File Path: C:\Users\<username>\Desktop\NanoCore 1.2.2.0 Cracked By Alcatraz3222_Final\theZoo-master\malwares\Binaries\Variant.Kazy\21.exe Group: Malware file Last Updated: March 26, 2022
2.	[system folder]\ws2help.dll
Name: [system folder]\ws2help.dll Type: Dynamic link library Group: Malware file
3.	[system folder]\win32.dll
Name: [system folder]\win32.dll Type: Dynamic link library Group: Malware file
4.	[system folder]\imm32b.dll
Name: [system folder]\imm32b.dll Type: Dynamic link library Group: Malware file
5.	0a77ba7b57224b3f9adcdaa2dc3cfc36	0a77ba7b57224b3f9adcdaa2dc3cfc36	0
Name: 0a77ba7b57224b3f9adcdaa2dc3cfc36 MD5: 0a77ba7b57224b3f9adcdaa2dc3cfc36 Size: 80.89 KB (80896 bytes) Detections: 0 Group: Malware file Last Updated: February 25, 2013
6.	ws2help.dll	aa183069409b28591612bb0da9d03fed	0
Name: ws2help.dll MD5: aa183069409b28591612bb0da9d03fed Size: 90.11 KB (90112 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: February 25, 2013
7.	b3b1ff527c249b258374c47572400169	b3b1ff527c249b258374c47572400169	0
Name: b3b1ff527c249b258374c47572400169 MD5: b3b1ff527c249b258374c47572400169 Size: 77.82 KB (77824 bytes) Detections: 0 Group: Malware file Last Updated: February 25, 2013
8.	C__Users_god_AppData_Local_Temp_WinSocketA.dll	2edf4930eb8c9546ea85376d01093563	0
Name: C__Users_god_AppData_Local_Temp_WinSocketA.dll MD5: 2edf4930eb8c9546ea85376d01093563 Size: 39.42 KB (39424 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: February 25, 2013
9.	ws2help.dll	fa274cc86195e51236343b1d0f4ca2a0	0
Name: ws2help.dll MD5: fa274cc86195e51236343b1d0f4ca2a0 Size: 90.11 KB (90112 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: February 25, 2013

Registry Details

PWS:Win32/OnLineGames.KQ may create the following registry entry or registry entries:

Regexp file mask

%APPDATA%\gdx.exe

%HOMEDRIVE%\Cache\ModuleW.exe

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

PWS:Win32/OnLineGames.KQ

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove PWS:Win32/OnLineGames.KQ

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen