Overview

overview

10

Static

static

b70098f14c...1d.exe

windows7_x64

10

b70098f14c...1d.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b70098f14c366d6088c8075f2967e682ad10ded177be38cc1f3ab91881886f1d

  • Size

    98KB

  • Sample

    210513-ktbrmbmg82

  • MD5

    ba9a863ee56789ab796c5a83008596ee

  • SHA1

    6e320537ec2dd84f763b76751c06f55ef5cd9233

  • SHA256

    b70098f14c366d6088c8075f2967e682ad10ded177be38cc1f3ab91881886f1d

  • SHA512

    f1e4ccef60b4b8bfbb62814dd28eadc1684444ebf6c1ac6482ff0cad9431333b182994e344af4f5c2a7c4b1b845ed6fa73c4ec2806ffbf8f8bc287c122c6a528

Score
10/10
tinbabankerpersistencetrojan

Malware Config

Targets

    • Target

      b70098f14c366d6088c8075f2967e682ad10ded177be38cc1f3ab91881886f1d

    • Size

      98KB

    • MD5

      ba9a863ee56789ab796c5a83008596ee

    • SHA1

      6e320537ec2dd84f763b76751c06f55ef5cd9233

    • SHA256

      b70098f14c366d6088c8075f2967e682ad10ded177be38cc1f3ab91881886f1d

    • SHA512

      f1e4ccef60b4b8bfbb62814dd28eadc1684444ebf6c1ac6482ff0cad9431333b182994e344af4f5c2a7c4b1b845ed6fa73c4ec2806ffbf8f8bc287c122c6a528

    Score
    10/10
    tinbabankerpersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks