tinba | 653c78ce95354e4c3e7a24d3d33de2eac505cc2fd943992c859418813469c4e8 | Triage

Sharing

General

Target

0f3bfa748a771b5e6498d584c15e6995
Size

168KB
Sample

201117-dtyhx8zs3x
MD5

9a386bbb2de614c64284f2bd63570ff0
SHA1

e3ed06a92cb6fb11b2351ce924350937159d0d16
SHA256

653c78ce95354e4c3e7a24d3d33de2eac505cc2fd943992c859418813469c4e8
SHA512

0668662532992a9dce3987ea18dd0745bf18bc09a8d2cdfb1a505db2c3b404f24736d5c52467e8af4c6a7725e19bdd80c934ea14a6d5b5c262cb8371e5e08c02

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  0f3bfa748a771b5e6498d584c15e6995
- Size
  
  168KB
- MD5
  
  9a386bbb2de614c64284f2bd63570ff0
- SHA1
  
  e3ed06a92cb6fb11b2351ce924350937159d0d16
- SHA256
  
  653c78ce95354e4c3e7a24d3d33de2eac505cc2fd943992c859418813469c4e8
- SHA512
  
  0668662532992a9dce3987ea18dd0745bf18bc09a8d2cdfb1a505db2c3b404f24736d5c52467e8af4c6a7725e19bdd80c934ea14a6d5b5c262cb8371e5e08c02
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2

tinbabankerpersistencetrojan