TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TSPY_AGENT.AHCN
Overview
Solution
Technical Details

QUICK LINKS  

Download the latest scan engine

TypeSpyware

In the wild: No

Destructive: No

Language: English

Systems affected: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

 Low

Reported detections:

 Low

System  impact:

 High

Information exposure:

 High
 

Description:

This spyware may be downloaded from remote site(s) by the following malware:

It may be downloaded from a remote site.

Upon execution, it drops copies of itself. It drops files/components. It creates registry entries to enable its automatic execution at every system startup. It creates registry key(s)/entry(ies). It modifies registry key(s)/entry(ies) as part of its installation routine. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.

It gathers information by searching for certain Protected Storage items. It then sends the gathered information to several URLs using HTTP post.

This routine risks the exposure of the sensitive information, which may then lead to the unauthorized use of the stolen data.

It has rootkit capabilities that enable it to hide its files, processes, and registry entries.

It deletes itself after execution.

For additional information about this threat, see:
Solution
Technical Details



Tell us how we did. Take our quick survey.