Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: SpyEye, the infostealing trojan leader

17 Feb 2011   #1

Win 7 Ultimate 64-bit. SP1.
SpyEye, the infostealing trojan leader


Everyone is talking about the SpyEye Trojan, the info stealer malware that gained all the attention after the author of ZeuS left the underground market and sold ZeuS sources to the SpyEye team. We already wrote about SpyEye last year, when we focused on the threat claiming that it could potentially become one of the top password stealing threats. Now that the SpyEye authors have access to all of ZeuS source code, SpyEye is becoming the main kit available for sale in the underground with even more efficient coding with some additional ZeuS based technologies.

Let's have a closer look at the new variants of SpyEye.

The SpyEye dropper comes in a UPX packed executable. After unpacking the first layer, we are lucky as we could already get to the SpyEye code. Actually, we have some samples which make use of highly-obfuscated decryption code, used for a second stage decryption loop. This second stage decryption loop make uses of its own routine able to get function addresses by parsing library export tables. The function is using name hashes instead of plain-text names. The hash is calculated by an ADD/ROL loop.
SpyEye, the infostealing trojan leader

My System SpecsSystem Spec


 SpyEye, the infostealing trojan leader

Thread Tools

Similar help and support threads
Thread Forum
Official Seven Forums Overclock Leader boards [2]
continued from - Updated ;) 0Agh2tKEY2ibedHNZcjRRZUpfUnc0OVNkY0tyTjFpb3c
PC Custom Builds and Overclocking
Official Seven Forums Overclock Leader boards
The Official Seven Forums Overclock Leaderboards After some discussions between several members, I have created a new leaderboards thread. Obviously there is still the thread, but I thought it would...
PC Custom Builds and Overclocking
India is world leader in spam output
Read more at source: India is world leader in spam output | Security & Privacy - CNET News
Security News
SpyEye Trojan Code Leak Likely to Promote Rapid Proliferation
Source A Guy
Security News
Keeping an Eye on the SpyEye Trojan
More - Keeping an Eye on the SpyEye Trojan — Krebs on Security
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:46.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App