tinba | 47ea2f6c893753b726f6192d5a14c681fe0c2da7c741341965cf449be81c18ab | Triage

Sharing

General

Target

4b1cc55485401ff64c0b4fd074f941eb
Size

152KB
Sample

201117-az9z7fh2f6
MD5

0c006c2d559220f0f18cbd99f6924674
SHA1

91fac222a17f3fff564f2c89aac41dd74793eb54
SHA256

47ea2f6c893753b726f6192d5a14c681fe0c2da7c741341965cf449be81c18ab
SHA512

f925f7189f70fc73736d7b5fa65ae5f86aa93dfb74f240d79ecb6b144f053a75932c071b3b9c7d2053c516d0f873875ee9c55c3473e6c092fb3e6b44f0592951

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  4b1cc55485401ff64c0b4fd074f941eb
- Size
  
  152KB
- MD5
  
  0c006c2d559220f0f18cbd99f6924674
- SHA1
  
  91fac222a17f3fff564f2c89aac41dd74793eb54
- SHA256
  
  47ea2f6c893753b726f6192d5a14c681fe0c2da7c741341965cf449be81c18ab
- SHA512
  
  f925f7189f70fc73736d7b5fa65ae5f86aa93dfb74f240d79ecb6b144f053a75932c071b3b9c7d2053c516d0f873875ee9c55c3473e6c092fb3e6b44f0592951
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2

tinbabankerpersistencetrojan