Eddy
3
Looks like the Remote Password Stealer originating from FindPassword.com.
- Connects to the remote server
- Logs keystrokes
- Runs in stealth mode
- Steals personal information
Creates the following files:
FILE:%WINDOWS%\Lpr123.exe
FILE:%WINDOWS%\Spdhook.dll
FILE:%WINDOWS%\Spd123.ini
and adds the following registry keys:
RUN:lpr
RUN:lpr123.exe