SpyEye banking trojan
OpenIOC 1.0
by @iocbucket
sha1:
d31400fc99e241d5dbcffcd3b62ec6cfbbe59226
short description:
SpyEye banking trojan
long description:
Although the core functionality of SpyEye is similar to that of its main rival, Zeus, SpyEye incorporated many advanced tricks to try to hide its presence on the local system. The unpacked SpyEye bot image can begin execution at the entry point specified in its portable executable header, at a private (non-exported) hook procedure executed when the bot has injected itself into a new process, or at one of two private thread routines that execute when the bot has injected itself into an existing process.