9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5 | Triage

Submit
Reports

Overview

overview

Static

static

9129b9f230...c5.exe

windows7-x64

9129b9f230...c5.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5.exe

Resource

win7-20220812-en

tinba banker persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5.exe

Resource

win10v2004-20220812-en

tinba banker persistence trojan

windows10-2004-x64

5 signatures

150 seconds

General

Target

9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5
Size

72KB
MD5

3baff67de21addbeb05830fe0a9f8ca0
SHA1

e60959213655b634f54fc6d617f430eb35ff53c9
SHA256

9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5
SHA512

01674b4ada2960c86b6022274ec69b53dc088119d30760493e54d84128a8bf32790b126855c62871570ea98ce499ed4b725455de6ee81740eae2f999a372eb35
SSDEEP

1536:/djiLMPzWFgY7nnEJFUEaapoYtQoxS0l:/djkMPzubE7U5apltQp0l

Score

N/A

Malware Config

Signatures

Files

9129b9f230b8dd56bcd296811e95ae74cdae3b7a01f3d5d37ec7bacf4522a4c5
.exe windows x86

c477d9ab9732c31761cd4dbd05b0694e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
HeapAlloc
CopyFileW
GetModuleHandleA
GetDiskFreeSpaceA
GetDateFormatA
GetDriveTypeW
GetLocaleInfoA
GetLogicalDriveStringsA
lstrcpynW
WriteFile
FindFirstFileW
WaitForSingleObjectEx
GetProcAddress
CreateDirectoryA
GetLocalTime
GetFileSize
CompareStringA
ReplaceFileA

user32

LoadImageA
IsDialogMessageA
CharToOemA
FindWindowA
MessageBoxA
IsCharLowerW
LoadCursorW
LoadStringW
GetMessageW
GetFocus

shimeng

SE_ProcessDying
SE_IsShimDll
SE_InstallBeforeInit

untfs

Chkdsk
FormatEx
Extend

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy