W32.Casail.A


Aliases: N/A
Variants: N/A

Classification: Malware
Category: Computer Worm

Status: active & spreading
Spreading: slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 20 Dec 2007
Damage: medium

Characteristics: The W32.Casail.A program spreads through local and removable drives. It can also steal confidential information from the compromised computer. 

More details about W32.Casail.A

The W32.Casail.A program records keystrokes and takes screenshots of your computer screenshots of the Web pages. This action tends to steal sensitive and confidential information saved and/or opened in your computer. The worm is removed from easy to moderate depending on your knowledge on the technicalities and familiarization with computer registry entries and system files. This Trojan application runs silently in the background processes of the system. Its running processes are hidden from process lists. Its associated files may be set to hidden. Once the W32.Casail.A program has established itself within the system, it may then connect to a predefined server to download files and programs. Files and programs may include additional malware. This Trojan application may also download a file encrypting tool. It uses this encrypting tool to encrypt all the files it downloads. It may also be used to encrypt all the associated files of the W32.Casail.A program.

This Trojan application may gather data from the system as well. Data such as computer specifications and user data may be gathered. The gathered data is then kept in an encrypted log file. This log file may eventually be forwarded to a third party via remote server.