A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #3570  by EP_X0FF
 Fri Nov 19, 2010 3:43 am
SpyEye Builder v1.2.60 (protected by VmProtect)
+ patch from Xylitol (requires VS 2010 redistr).

Take care, could be harmful.
Attachments
SpyEye.png
SpyEye.png (82.47 KiB) Viewed 686 times
pass: malware
(1.63 MiB) Downloaded 100 times
 #3589  by EP_X0FF
 Fri Nov 19, 2010 1:54 pm
BTW seems to be 1.2.80 is final.
Author switched to Zeus development.

files from the link above (in case if source will be unavailable)
Attachments
pass: malware
(1.12 MiB) Downloaded 74 times
 #3590  by gjf
 Fri Nov 19, 2010 1:58 pm
EP_X0FF wrote:BTW seems to be 1.2.80 is final.
Author switched to Zeus development.
I know about passing Zeus sources to SpyEye author but are you sure he will continue Zeus, not merging them all together into something new?
Where did you get this information?
 #3591  by EP_X0FF
 Fri Nov 19, 2010 2:02 pm
From underground places.
gribodemon (01:11:43 22/10/2010)
Мой новый проект во много раз лучше.

I (01:12:08 22/10/2010)
mmm... t.e. ty zevsa perepisal ili kak?

gribodemon (01:13:41 22/10/2010)
Переписал. Доработал. Поправил. Улучшил. Изменил.

I (01:14:04 22/10/2010)
a chto s glazom? obnovleniy bol'she ne budet ?

gribodemon (01:14:39 22/10/2010)
Нет.

gribodemon (01:15:11 22/10/2010)
Я тебе советую. Возьми. Благодарить будешь.

gribodemon(01:15:16 22/10/2010)
Это приват теперь.

gribodemon (01:15:18 22/10/2010)
Никакого паба.

I (01:15:28 22/10/2010)
hmmm... alya zevs 2.1 ?

gribodemon (01:16:09 22/10/2010)
3.0
 #3593  by EP_X0FF
 Fri Nov 19, 2010 2:07 pm
In any case, not a big loss if this bot series will die. More likely it will be sold somebody else in future.
 #3616  by EP_X0FF
 Sat Nov 20, 2010 4:06 pm
SpyEye v1.2.50 Builder.
Patch by Zer0Flag

Image

Take care, could be harmful.
Attachments
pass: malware
(1.63 MiB) Downloaded 73 times
 #3678  by Jaxryley
 Wed Nov 24, 2010 6:18 am
!http://www.database-upgrade.net/coder/m ... rypted.exe
crypted.exe - 7/43 - Kaspersky - Win32.Jorik.SpyEyes.gs - MD5 : deb097c6dee4df1b6ee1b6874d0bc676
http://www.virustotal.com/file-scan/rep ... 1290578875

Dropped:
upd1.tmp - 12/43 - MD5 : b903ef100b28ef5f82e753fccb0d2079
http://www.virustotal.com/file-scan/rep ... 1290578879
Pass:
malware

(435.87 KiB) Downloaded 70 times
  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 42