MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ffbeaa5947fc467fce27c765a4e8dc08e45c8ca13e583f5271b19e944e0cb8e3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


GoldenSpy


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ffbeaa5947fc467fce27c765a4e8dc08e45c8ca13e583f5271b19e944e0cb8e3
SHA3-384 hash: af17567c3519707a029e4d482eb9f72d86045e83afd0038e5a97fa23ef656b57bd31c502908c06239b24ff17108b81be
SHA1 hash: 5fe24ee068b71fb96a917b0ced319ed2bb02ab3c
MD5 hash: 580caea69988031af5b91bbd27789a52
humanhash: december-stairway-north-stairway
File name:GoldenSpy (9)
Download: download sample
Signature GoldenSpy
Create hunting rule
File size:375'334 bytes
First seen:2020-07-02 14:25:32 UTC
Last seen:2020-07-02 14:26:05 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash abb85e8b889dab3b36aa68b03047e6e6 (13 x GoldenSpy)
ssdeep 6144:3w8w59rUQH2+6ybupjDZhONfxY+QFwpKVXTImo6tfZIhITfTUv8p2sJMM1uzZno1:zwQ4Uyb4DZh4Y+4wo5Tk4xskTk8p2saC
Threatray 28 similar samples on MalwareBazaar
TLSH 54841266C74504D5DEE30AF80D6AB757EBD72814809C6AABC395B527BCB39806F0E370
Reporter JAMESWT_WT
Tags:GoldenSpy

Intelligence

File Origin
# of uploads :
3
# of downloads :
104
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/18496/
Detection(s):
PUA.Win.Downloader.Soft32downloader-6691270-0
Create hunting rule

SecuriteInfo.com.Gen.Trojan.Heur.JP.Fu0@amLneyaj.31470.17529.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ffbeaa5947fc467fce27c765a4e8dc08e45c8ca13e583f5271b19e944e0cb8e3/
Threat name:
Win32.Backdoor.Goldenspy
Create hunting rule
Status:
Malicious
First seen:
2020-04-17 06:32:19 UTC
File Type:
PE (Exe)
Extracted files:
7
AV detection:
38 of 48 (79.17%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
20932b2151de5f0dc5c1159fbc1d2d004f069bb04d32d66dc7fa5b7b9eac1aa7
GoldenSpy
3b8761d2e19bc5185f55cc2f575bbe54a45a52fc1c8650a60f1bd13e01e24655
GoldenSpy
41103f32f247ba744a8fbe17deac4bd26aeba323f3161e44adc35f8dd81ce4d3
GoldenSpy
4f86175e5500be87cc95ea9fcaf565970e15a86b2aa3223f8ef8d25e72cec376
GoldenSpy
77ee7b0a10f3c0ab08c1b1f88ceb0dd979e9c2fee17ac5fd14c9ce27002f6078
GoldenSpy
a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be
GoldenSpy
b67913449618756dcc815a242a270257cce4d5ae71911bb6716bdecc2f1c0c7f
GoldenSpy
c5c5e59bb18bad1427714d0007b676e658d8e08faf5a0632ed88912f5816d525
GoldenSpy
c7387e5e05f3c282a27e268486f4bf7d6cb6c807a59f650c0f5fd798c5b1cdd6
GoldenSpy
e2f55047a690ed67d5e3a5f90679576e3cca6ceac36bce39dc60b4748a176a09
GoldenSpy
+ 18 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/200702-lkz45bfk86/
Behaviour
NSIS installer
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/18496/

Comments