This is a key-logging trojan that logs all the keystrokes of the user and sends them to a certain website.
Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
Check for the latest database updates
Submit a sample
Exclude a file from further scanning
Note You need administrative rights to change the settings.
Upon Execution, this malware displays the following fake error message:
It then drops the following files on Windows System folder:
Note: %systemdir% by default is C:\Windows\system32
It also creates the following registry key as part of its auto-start mechanism:
This malware sends the user's keylogs to the following site: