Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

Short description
Win32/Captchar.A is a trojan , which tries to get the user to rewrite texts from Captcha images. The file is run-time compressed using UPX .
Installation
The trojan must be manually installed.

The trojan does not create any copies of itself.

The trojan creates and runs a new thread with its own program code within the following processes:
  • iexplore.exe
The following Registry entries are created:
  • [HKEY_CURRENT_USER\Software\SGPlay]
Other information
The trojan contains a list of (1) IP addresses.

It tries to download Captcha images and erotic images from a remote computer.

The HTTP protocol is used.

Captcha is a means of distinguishing a robot from a human using text hidden in an image. It is used in prevention of automated form submittion.

The program tries to get the user to rewrite text from the Captcha image into a text input field.

The trojan can send the information to a remote machine.

Afterwards, the user is rewarded with an erotic image.

It contains the following strings:
  • Hi!
    My name is
  • . I'm 18 years old and you have come to the
    right place to play :)
Some examples follow.

Example [1.] :
Example [2.] :