Intel Name: Unraveling sparkling pisces’s tool set: klogexe and fpspy
Date of Scan: September 27, 2024
Impact: Medium
Summary: The article analyzes two malware samples – KLogEXE, an undocumented keylogger, and a variant of FPSpy – used by the Sparkling Pisces (Kimsuky) threat group. These tools enhance the group’s capabilities, previously seen in a 2022 campaign targeting a South Korean tech conglomerate. Understanding these malware types helps organizations improve their defenses. Palo Alto Networks offers enhanced protection through its security services.