This malware arrives on a system as a file dropped by other malware. It may also be installed manually by a user.Upon execution, it drops a copy of itself and another file that contains its stolen information.
It monitors the Internet Explorer activities of the affected system. It logs keystrokes when a user accesses a Web site containing certain strings in its title bar.
It attempts to retrieve information from Web sites of certain banking institutions.
It gathers information by logging user keystrokes. It steals sensitive information, such as user names and passwords and saves it in a file. This routine risks the exposure of sensitive user information, which may then lead to the unauthorized use of the stolen data.
It sends its stolen information to a remote site via HTTP POST.
More...