When executed, the Trojan creates the following folder:
It also creates the following file:
[ORIGINAL FOLDER] is the folder where the Trojan is executed.
The Trojan then searches through the following processes for track one and track two data from credit cards:
The Trojan may then send the stolen information to a remote location.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":