KeyLogger.FT

KeyLogger.FT is a program that allows to create keylogger type Trojans, which are designed to log the keystrokes typed by the user. This way, it could obtain any type of information, like passwords or any other confidential information.

KeyLogger.FT has the following characteristics:

• The program to create Trojans has the following icon:
  
  
• When the file is run, the following message is displayed:
  
  
• Then, the program is opened, which has the following interface:
  
  
• It has the following configuration options:
  - Email address to which send the information obtained.
  - Name of the file to be created.
  - SMTP server to send the data.
  - Activation of the Trojan: direct or after 4 reboots.
  - Lifetime of the Trojan: always in execution or uninstallation after a certain date.
  - Type of connection: via modem or LAN.
• Additionally, it has these other options:
  - New'n Updates: Access to news and updates of the program.
  - Special: Extra options, such as disable the Task manager.
  - Create Spion: this option allows to generate the malicious file, which will hace the name that has been selected and the following icon, which is the old symbol of the Windows operating systems:
  
  - ExeJoiner: option that allows to add the Trojan to other executable, which could be legitimate (in order to pass itself off as an inoffensive file) or even a malicious file (in order to be run with other malware simultaneously).
  
  - About: Information about the author and the tool.

Regarding the Trojan that is generated, it creates in the infected computer the following files and Windows Registry entries:

• In the Windows system directory it creates:
  - a copy of itself with the name that has been previously selected
  - EXKTKSP.DLL and EXKTKSP32.DLL. In these files the information it gathers is stored.
• HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion\ Run
  %name of the Trojan% = %sysdir%\%name of the Trojan%
  where %sysdir% is the Windows system directory.