Tuscas is a threat that steals passwords and other sensitive information from the compromised computer. Tuscas seems to be written in FASM, a low-level assembler.
The CLIENT.DLL library is injected in Windows Explorer, Internet Explorer, FireFox and Chrome. Tuscas intercepts HTTPS (SSL) traffic in Internet Explorer, Firefox and Chrome by hooking the browser via several API functions before the POST data is encrypted.
Tuscas collects information about the compromised computer and attempts to send the gathered info to a remote server.
Tuscas is able to download / execute additional malware and take screenshots on the compromised computer.
more here...........http://stopmalvertising.com/malware-reports/analysis-of-tuscas.html
The CLIENT.DLL library is injected in Windows Explorer, Internet Explorer, FireFox and Chrome. Tuscas intercepts HTTPS (SSL) traffic in Internet Explorer, Firefox and Chrome by hooking the browser via several API functions before the POST data is encrypted.
Tuscas collects information about the compromised computer and attempts to send the gathered info to a remote server.
Tuscas is able to download / execute additional malware and take screenshots on the compromised computer.
more here...........http://stopmalvertising.com/malware-reports/analysis-of-tuscas.html