MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GoldenSpy


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be
SHA3-384 hash: c5ff1dec918d4c1a85eabce52cae632ab33210ec92120ab04fd7ce1c3b60c9cea43f7c96b0c857cabe46d449d8d6a096
SHA1 hash: ecd85fe374fe85ff8dc1316cf700cba715e8b89b
MD5 hash: 5002cc2fbcdd2f340e9258f74be8bd1d
humanhash: red-mobile-timing-snake
File name:GoldenSpy (11)
Download: download sample
Signature GoldenSpy
Create hunting rule
File size:375'789 bytes
First seen:2020-07-02 14:26:15 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash abb85e8b889dab3b36aa68b03047e6e6 (13 x GoldenSpy)
ssdeep 6144:3w8zbFY3OkY7XrCkdDdqqAP8bJFCQcc/TUv8p2sJMM1uzZnotq:zzbd1ykSV8bd/Tk8p2saMng
Threatray 60 similar samples on MalwareBazaar
TLSH B98423749B49C0F8DDD30AB0AEF9B726E9B71014819D67A6C31254F7BC23D811B2D3A9
Reporter JAMESWT_WT
Tags:GoldenSpy

Intelligence

File Origin
# of uploads :
1
# of downloads :
105
Origin country :
n/a
Vendor Threat Intelligence
Detection:
Goldenspy
Create hunting rule
Link:
https://www.capesandbox.com/analysis/18498/
Detection(s):
PUA.Win.Downloader.Soft32downloader-6691270-0
Create hunting rule

SecuriteInfo.com.Gen.Trojan.Heur.JP.Fu0@amLneyaj.31470.17529.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be/
Threat name:
Win32.Backdoor.Goldenspy
Create hunting rule
Status:
Malicious
First seen:
2020-04-18 03:56:14 UTC
File Type:
PE (Exe)
Extracted files:
7
AV detection:
38 of 48 (79.17%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
20932b2151de5f0dc5c1159fbc1d2d004f069bb04d32d66dc7fa5b7b9eac1aa7
GoldenSpy
3b8761d2e19bc5185f55cc2f575bbe54a45a52fc1c8650a60f1bd13e01e24655
GoldenSpy
41103f32f247ba744a8fbe17deac4bd26aeba323f3161e44adc35f8dd81ce4d3
GoldenSpy
4f86175e5500be87cc95ea9fcaf565970e15a86b2aa3223f8ef8d25e72cec376
GoldenSpy
77ee7b0a10f3c0ab08c1b1f88ceb0dd979e9c2fee17ac5fd14c9ce27002f6078
GoldenSpy
7c58672f646a85dd65ae2c5d44fdcfb899584a9a27650418a06ecc495cdf7a86
GoldenSpy
b67913449618756dcc815a242a270257cce4d5ae71911bb6716bdecc2f1c0c7f
GoldenSpy
c7387e5e05f3c282a27e268486f4bf7d6cb6c807a59f650c0f5fd798c5b1cdd6
GoldenSpy
e2f55047a690ed67d5e3a5f90679576e3cca6ceac36bce39dc60b4748a176a09
GoldenSpy
ffbeaa5947fc467fce27c765a4e8dc08e45c8ca13e583f5271b19e944e0cb8e3
GoldenSpy
+ 50 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/200702-q73sjbwjgs/
Behaviour
NSIS installer
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/18498/

Comments