Internet Security Source provides daily updates on Internet Threats, Viruses, Worms, Trojans, Spyware and Adware. Subscribe to our newsletter and receive daily updates on threats on the internet.
LSADump
Friday, June 27 2008
Symantec Security Response
http://www.symantec.com/business/security_response/index.jspHacktool.LSADump
Updated: February 15, 2006 5:32:16 PM
Risk Impact: Medium
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
SUMMARY
Behavior
Hacktool.LSADump is a hack tool that is used to gather Windows password hashes from computers running Windows.Protection
- Initial Rapid Release version February 16, 2006
- Latest Rapid Release version pending
- Initial Daily Certified version February 16, 2006
- Latest Daily Certified version February 16, 2006
- Initial Weekly Certified release date February 22, 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
TECHNICAL DETAILS
Hacktool.LSADump is a hack tool that is used to gather Windows password hashes from computers running Windows.When executed, the risk will create the following files:
lsadump2.exe
dumplsa.dll
The risk will then dump the LSA secrets of the computer it is running on. This can contain passwords and other confidential information.
DCOMAssess
Incognito
WLMPass
BosonGetPass
MultiTool