Win32/Kheagol.Patch.A
Win32/Kheagol.Patch.A is a malicious password stealing Trojan dropper. Win32/Kheagol.Patch.A tries to steal the affected user account's logon information, especially connected with online financial accounts. Win32/Kheagol.Patch.A is dropped by another Trojan infection that is a member of the same malware family. Win32/Kheagol.Patch.A could be modified in its payload to run other malware threats. Win32/Kheagol.Patch.A is executed upon accessing a certain web page. Changing data to be loaded by Win32/Kheagol.Patch.A from that web page attackers are free to represent new content. Anyway, Win32/Kheagol.Patch.A keeps addressing the web page as instructed at provided intervals updating the password stealing infections. Win32/Kheagol.Patch.A is able to create an independent connection channel to a remote server when sending stored information. Stored data based on spying sending is doubled through Win32/Kheagol.Patch.A's channel. Get rid Win32/Kheagol.Patch.A immediately after detection.
URLs
Win32/Kheagol.Patch.A may call the following URLs:
getradiosearch.com |