Recently I received reports regarding an email advertising a network utility developed by ParsOnline to help the customers monitor their accounts and usage. The email had a link to ZIP file on a file sharing web site. I downloaded the file and inspected its contents. It was a malware that installed a keylogger on the victim's machine. The keylogger would capture every keystroke of the user and took screenshots of the desktop everyoften, then send them to a gmail account.
The ZIP file contained 2 files: