Keylogger.Revealer
Posted: September 29, 2017
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 1,810 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 33,108 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | October 17, 2023 |
| OS(es) Affected: | Windows |
Keylogger.Revealer is a detection name used to describe the Revealer Keylogger, a piece of software, which is being advertised as an excellent monitoring tool that can grab screenshots, record keystrokes, and capture conversations or Web camera footage. However, it is clear that a tool capable of all this also can be used for harmful purposes, and this is why the Revealer Keylogger has grabbed the attention of major names in the cyber security field. This tool may often be installed without the knowledge or authorization of the victims, and it could be used for all sorts of harmful purposes – spying on conversations, collecting login credentials or financial data, blackmailing users by threatening to disclose personal info or photos and much more.
Keylogger.Revealer is being advertised as a free application, but its publishers state that the free version comes with limited capabilities. The paid version is available with different prices, and it provides the buyer with access to most of the features that are advertised on the Keylogger.Revealer's website.
Since this is application is available to anyone who is willing to use it, then it is clear that this threat may come from anywhere – spam e-mail, a file sent from a friend, fake downloads, etc. The best protection against such versatile threats is to make sure that your computer is kept safe by a reputable and up-to-date anti-malware software suite, which offers the necessary active and passive protection modules.
Since Keylogger.Revealer is a pretty flexible utility, it is very difficult to detect its presence without running a security tool to scan for threatening behavior on behalf of the software installed on the computer. The keylogger may use random & stealth process names, as well as Registry entries whose purpose is to ensure that the executable will be started when Windows loads.
Aliases
Revealer Free Edition [Sunbelt]Trj/Keylog.LH [Panda]not-a-virus:Monitor.Win32.RevealerKeylogger.b [Ikarus]Keylog/RevealerKeylogger [Fortinet]Monitor.Win32.RevealerKeylogger.b [F-Secure]Not-A-Virus.Monitor.Win32.RevealerKeylogger.b [eWido]Trojan.Keylogger-209 [ClamAV]Application.Keylogger.Revealer.1.2 [BitDefender]Logger.CYJ [AVG]Win32:Adware-gen [Avast]SPR/RevealerKeylogger.B.1 [AntiVir]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 846B (846 bytes)
MD5: d95c7bd2b19201d654a2e0d46dd91044
Detection count: 529
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 846B (846 bytes)
MD5: 4d5ab107ffc743a01b631af3054010bd
Detection count: 391
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 479.8 KB (479808 bytes)
MD5: adbeeb56fdf4afab537af84dcf22ef0b
Detection count: 326
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: April 15, 2020
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 495B (495 bytes)
MD5: 706827141a26d7006c9cefbdcb3c3259
Detection count: 239
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: April 17, 2020
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 375.36 KB (375360 bytes)
MD5: 47ea6a6ecff01d6dd3d37896b85b47c4
Detection count: 201
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: June 4, 2020
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 666B (666 bytes)
MD5: 21edee5f0806469524f98667af280e56
Detection count: 194
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 666B (666 bytes)
MD5: 1227cdc53f991ca8f712ed2a0c13c58b
Detection count: 178
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 666B (666 bytes)
MD5: db75b3607bfa0e8eff8a2e637d72a283
Detection count: 157
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 418.36 KB (418368 bytes)
MD5: b088b294ea68045da5ef3c28e7667535
Detection count: 141
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: October 24, 2020
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 422.46 KB (422464 bytes)
MD5: 638ec77b4fef6e71f53de03e20889461
Detection count: 122
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: September 28, 2017
C:\WINDOWS\System32\rvlkl.exe
File name: rvlkl.exeSize: 659.87 KB (659872 bytes)
MD5: 3ed9e62ff0f8ee8854bcb7943cd961de
Detection count: 108
File type: Executable File
Mime Type: unknown/exe
Path: C:\WINDOWS\System32\rvlkl.exe
Group: Malware file
Last Updated: February 10, 2021
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 850B (850 bytes)
MD5: a8241f5447e90cfbd2f59d9e3ce84d8f
Detection count: 105
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\Start Menu\Programs\Startup\rvlkl.lnk
File name: rvlkl.lnkSize: 666B (666 bytes)
MD5: b1618a3f8b15974af5a4d1a48d98f591
Detection count: 98
File type: Shortcut
Mime Type: unknown/lnk
Path: %ALLUSERSPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 28, 2017
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 472.12 KB (472128 bytes)
MD5: 1179da3d9aa1d716862e23723104af0d
Detection count: 75
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: September 28, 2017
file.exe
File name: file.exeSize: 1.56 MB (1562624 bytes)
MD5: 6e6c73f87952f9fa6ae12ebfd5c74071
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: July 11, 2022
%ALLUSERSPROFILE%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 417.34 KB (417344 bytes)
MD5: de3ebeb04dc0a95c274270ac47ec0899
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\rvlkl
Group: Malware file
Last Updated: September 28, 2017
%PROGRAMFILES%\rvlkl\rvlkl.exe
File name: rvlkl.exeSize: 157.18 KB (157184 bytes)
MD5: f11f567f2578f06b1b32040283fd9401
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\rvlkl
Group: Malware file
Last Updated: September 28, 2017
%WINDIR%\System32\rvlkl.exe
File name: rvlkl.exeSize: 492.1 KB (492104 bytes)
MD5: dae32e26f42f996354f4461e61274074
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\System32
Group: Malware file
Last Updated: October 9, 2020
%WINDIR%\System32\rvlkl.exe
File name: rvlkl.exeSize: 440.39 KB (440392 bytes)
MD5: c90846e860f7766d84814d7707b06149
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\System32
Group: Malware file
Last Updated: September 28, 2017
%WINDIR%\System32\rvlkl.exe
File name: rvlkl.exeSize: 637 KB (637000 bytes)
MD5: 6139dedba18185cb55b5bf68d7ead1e7
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\System32
Group: Malware file
Last Updated: September 28, 2017
%WINDIR%\System32\rvlkl.exe
File name: rvlkl.exeSize: 637.6 KB (637608 bytes)
MD5: 73a0bff9cc4db8a8efa832650c35d196
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\System32
Group: Malware file
Last Updated: September 28, 2017
Registry Modifications
The following newly produced Registry Values are:
Regexp file mask%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk%WINDIR%\System32\rvlkl.exe
Regexp file mask%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk%WINDIR%\System32\rvlkl.exe
Additional Information
The following directories were created:
%ALLUSERSPROFILE%\Application Data\rvlkl%ALLUSERSPROFILE%\rvlkl%PROGRAMFILES%\rvlkl%PROGRAMFILES(x86)%\rvlkl
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.