Admin.HLP is a new
that monitors keystrokes on the victim's computer it is installed on, therefore able to collect sensitive information such as credit card numbers, usernames, passwords and etc. Once this information is collected, the Trojan sends it to the attacker's server over an encrypted, secured HTTPS connection.
Admin.HLP Trojan hides itself in a Windows help file called Amministrazione.hlp. Once the user opens the help file it triggers the Trojan which starts collecting keystrokes. The Admin.HLP Trojan is persistent and invoked again every time the victim's computer is restarted.