Pwdump


Updated: February 7, 2007 3:39:53 PM
Also Known As: Hacktool.Pwdump [Symantec]
Type: Security Assessment Tool
Name: Pwdump
Risk Impact: High
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000

When the program executes, it connects to a remote computer and downloads the following file:
pwdservice.exe

Next, the program registers the downloaded file as a remote service.

The program creates the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer\"000" = "pwdservice.exe"

The program then sends extracted password hashes to a remote computer.
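
The following host check is an added example, not part of the original write-up or any vendor tooling. It looks for the two artifacts described above, the registry value and a service whose image path names pwdservice.exe. It assumes it runs on the suspect host with rights to read other users' loaded hives, and it matches on the file name only, so a renamed copy will not be found.

```powershell
# Added example: the indicator names below are taken from the write-up above.
$IndicatorFile = 'pwdservice.exe'
$RelKey        = 'Software\Microsoft\Internet Explorer\Explorer'
$ValueName     = '000'

function Get-PwdumpRegistryHits {
    # HKEY_CURRENT_USER only reflects the account running this check, so
    # walk every user hive currently loaded under HKEY_USERS instead.
    Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $keyPath = "Registry::$($_.Name)\$RelKey"
            $item = Get-ItemProperty -Path $keyPath -Name $ValueName -ErrorAction SilentlyContinue
            if ($item -and $item.$ValueName -like "*$IndicatorFile*") {
                [pscustomobject]@{
                    Indicator = 'RegistryValue'
                    Location  = "$($_.Name)\$RelKey"
                    Detail    = "$ValueName = $($item.$ValueName)"
                }
            }
        }
}

function Get-PwdumpServiceHits {
    # The write-up says the file is registered as a service, so compare the
    # image path of every installed service against the file name.
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.PathName -like "*$IndicatorFile*" } |
        ForEach-Object {
            [pscustomobject]@{
                Indicator = 'Service'
                Location  = $_.Name
                Detail    = "$($_.PathName) (state: $($_.State))"
            }
        }
}

$hits = @(Get-PwdumpRegistryHits) + @(Get-PwdumpServiceHits)
if ($hits.Count -eq 0) {
    'No Pwdump indicators from this write-up were found.'
} else {
    $hits | Format-Table -AutoSize -Wrap
}
```

Hives of users who are not logged on are not loaded under HKEY_USERS, so their NTUSER.DAT files need to be examined separately.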