MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c7387e5e05f3c282a27e268486f4bf7d6cb6c807a59f650c0f5fd798c5b1cdd6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GoldenSpy


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c7387e5e05f3c282a27e268486f4bf7d6cb6c807a59f650c0f5fd798c5b1cdd6
SHA3-384 hash: 939e42541a65aa6444ad2c35e52888b67947388d2139ee209d3d4b1a4178b709c8e7d518ea11f37e78a05f00eb47f450
SHA1 hash: 6822aa87aa1c9c578459a16a0679920c317de615
MD5 hash: 09e8170a1828778384c52338c1c082c8
humanhash: jersey-solar-fish-kentucky
File name:GoldenSpy (4)
Download: download sample
Signature GoldenSpy
Create hunting rule
File size:381'454 bytes
First seen:2020-07-02 14:25:06 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash abb85e8b889dab3b36aa68b03047e6e6 (13 x GoldenSpy)
ssdeep 6144:3w8in55xYIcqThtaibCYW1uLjaEGMSTUv8p2sJMM1uzZnotx:zinKIThtaiHxQTk8p2saMn3
Threatray 15 similar samples on MalwareBazaar
TLSH 35842269830085F2EB9314709A3F7B1CDBA35469A16C4BDBD7012462B9B3F541F2D3AB
Reporter JAMESWT_WT
Tags:GoldenSpy

Intelligence

File Origin
# of uploads :
1
# of downloads :
100
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Detection(s):
PUA.Win.Downloader.Soft32downloader-6691270-0
Create hunting rule

SecuriteInfo.com.Gen.Trojan.Heur.JP.Fu0@amLneyaj.31470.17529.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c7387e5e05f3c282a27e268486f4bf7d6cb6c807a59f650c0f5fd798c5b1cdd6/
Threat name:
Win32.Backdoor.GoldenSpy
Create hunting rule
Status:
Suspicious
First seen:
2020-06-18 10:44:44 UTC
File Type:
PE (Exe)
Extracted files:
7
AV detection:
37 of 48 (77.08%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=y44h4xqf6pbifit6e2cin5f7pvwlnsahuwpwkdapl7lzrrnrzxla._file
Verdict:
malicious
Similar samples:
20932b2151de5f0dc5c1159fbc1d2d004f069bb04d32d66dc7fa5b7b9eac1aa7
GoldenSpy
3b8761d2e19bc5185f55cc2f575bbe54a45a52fc1c8650a60f1bd13e01e24655
GoldenSpy
4f86175e5500be87cc95ea9fcaf565970e15a86b2aa3223f8ef8d25e72cec376
GoldenSpy
77ee7b0a10f3c0ab08c1b1f88ceb0dd979e9c2fee17ac5fd14c9ce27002f6078
GoldenSpy
7c58672f646a85dd65ae2c5d44fdcfb899584a9a27650418a06ecc495cdf7a86
GoldenSpy
a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be
GoldenSpy
b67913449618756dcc815a242a270257cce4d5ae71911bb6716bdecc2f1c0c7f
GoldenSpy
c5c5e59bb18bad1427714d0007b676e658d8e08faf5a0632ed88912f5816d525
GoldenSpy
e2f55047a690ed67d5e3a5f90679576e3cca6ceac36bce39dc60b4748a176a09
GoldenSpy
ffbeaa5947fc467fce27c765a4e8dc08e45c8ca13e583f5271b19e944e0cb8e3
GoldenSpy
+ 5 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/200702-wd6y81tarx/
Behaviour
NSIS installer
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/18491/

Comments