Welcome to the Virus Encyclopedia of Panda Security.
It logs information harvested in the affected computer. It also can receive remote control commands.
|First detected on:||May 31, 2005|
|Detection updated on:||March 17, 2006|
|Yes, using TruPrevent Technologies
Rona.A is a Trojan that logs information, checks for an available Internet connection and then connects to an FTP site in order to send the log data, which includes:
- Active processes.
- Keystrokes entered.
- Web addresses accessed.
- Clips of user activities.
Rona.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.>
Rona.A is easy to recognize once it has affected the computer, as it displays the following image on screen when it is run:
The Trojan attempts to pass itself off as a secure messaging program.
Additionally, if the text string 2004 is entered in the textbox, Rona.A attempts to open a file called NDA RONA.DOC, which it has previously created.