Home Malware Programs Keyloggers Spy Lantern

Spy Lantern

Posted: March 28, 2006

Spy Lantern is a commercial keylogger that tracks user activity, logs keystrokes, captures screenshots, records passwords and addresses of visited Internet sites. The application can save gathered data to a hard disk or send it out by e-mail. Spy Lantern must be manually installed. The keylogger uses files with random names, so it is very difficult to detect. It secretly runs on every Windows startup.

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerMenuOrderStartMenu2ProgramsSpyLanternKeyloggerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallSpyLanternKeyloggerHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsNTCurrentVersionWindowsAppInit_DLLs=[filename].dllHKEY_LOCAL_MACHINESYSTEMControlSet001Services[randomname]driverHKEY_LOCAL_MACHINESYSTEMControlSet001Services[randomname]srvHKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices[randomname]driverHKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices[randomname]drv
Loading...