: The software records every key you press to capture usernames, passwords, and credit card numbers.

: Some variants take periodic screenshots of your desktop or can even activate your webcam and microphone.

: These archives often contain a legitimate-looking file (like a PDF or executable) used to sideload a malicious DLL (e.g., pa_lang2.dll ) that activates the keylogger.

: Once executed, the malware often hides itself and adds entries to your Windows Startup folder to ensure it runs every time you log in.