tinba | 38d16e18bf59b0e170405b2fde743a6f9e57d37cee774458036aae92619d221a | Triage

Sharing

General

Target

38d16e18bf59b0e170405b2fde743a6f9e57d37cee774458036aae92619d221a
Size

69KB
Sample

210511-7ljm8zqt62
MD5

4e9fcd33f8ae7d02858946f86ce0a520
SHA1

9269c7fc51b6c424f7f81c9f9a9c5b0a96aab183
SHA256

38d16e18bf59b0e170405b2fde743a6f9e57d37cee774458036aae92619d221a
SHA512

4723a380921184bdbd51ac677fab270c742a65baf60cba7b5e1e845254915cf32d40e37ea796a76193a12607e0f1957e5c29c2c3371f0f834cb1504a4cfaa7ba

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  38d16e18bf59b0e170405b2fde743a6f9e57d37cee774458036aae92619d221a
- Size
  
  69KB
- MD5
  
  4e9fcd33f8ae7d02858946f86ce0a520
- SHA1
  
  9269c7fc51b6c424f7f81c9f9a9c5b0a96aab183
- SHA256
  
  38d16e18bf59b0e170405b2fde743a6f9e57d37cee774458036aae92619d221a
- SHA512
  
  4723a380921184bdbd51ac677fab270c742a65baf60cba7b5e1e845254915cf32d40e37ea796a76193a12607e0f1957e5c29c2c3371f0f834cb1504a4cfaa7ba
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2

tinbabankerpersistencetrojan