GitHub - 649/APT38-DYEPACK: Reverse engineered APT38
DYEPACK samples used to empty SWIFT banking servers. Use
caution when handling live binaries.
By 649
Archived: 2026-04-05 22:52:07 UTC
Skip to content
Navigation Menu
AI CODE CREATION
GitHub CopilotWrite better code with AI
GitHub SparkBuild and deploy intelligent apps
GitHub ModelsManage and compare prompts
MCP RegistryNewIntegrate external tools
View all features
Pricing
Sign up
Notifications
Fork 9
Star 23
Code
Issues
Pull requests
https://github.com/649/APT38-DYEPACK
Page 1 of 8

Actions
Projects
Security and quality
Insights
Folders and files
Name Name Last commit message Last commit date
Latest commit
649
init
Mar 20, 2019
af3f469 · Mar 20, 2019
History
7 Commits
img img init Mar 20, 2019
sample sample init Mar 20, 2019
.gitattributes .gitattributes 🎉 Added .gitattributes Jan 4, 2019
.gitignore .gitignore init Jan 4, 2019
README.md README.md init Mar 20, 2019
Repository files navigation
README
https://github.com/649/APT38-DYEPACK
Page 2 of 8

APT38 DYEPACK FRAMEWORK
Reverse engineered using IDA Pro + Ghidra. Live binaries are in /sample/binaries.zip
Password: infected
DISCLAIMER
Samples are for malware research ONLY. Do not use decompiled versions of the framework to cause harm, I am
not responsible for any damages caused. Handle live binaries with care, and use a VM for any dynamic analysis.
https://github.com/649/APT38-DYEPACK
Page 3 of 8

https://github.com/649/APT38-DYEPACK
Page 4 of 8

https://github.com/649/APT38-DYEPACK
Page 5 of 8

https://github.com/649/APT38-DYEPACK
Page 6 of 8

About
Reverse engineered APT38 DYEPACK samples used to empty SWIFT banking servers. Use caution when
handling live binaries.
Resources
Readme
https://github.com/649/APT38-DYEPACK
Page 7 of 8

Activity
Stars
23 stars
Watchers
2 watching
Forks
9 forks
Source: https://github.com/649/APT38-DYEPACK
https://github.com/649/APT38-DYEPACK
Page 8 of 8