Resubmissions

27-11-2023 08:13

231127-j4ksjsfc4w 10

29-10-2022 00:05

221029-add3msddbp 10

General

  • Target

    ce89251c64e775fc7c2a61e6a601e832244e3f1f0668d19eac421dff8d1956d5

  • Size

    148KB

  • Sample

    221029-add3msddbp

  • MD5

    002996b20f729826f491f41a41ce7020

  • SHA1

    afca095abc9ce5b77a32c1d36abd5bc60770e967

  • SHA256

    ce89251c64e775fc7c2a61e6a601e832244e3f1f0668d19eac421dff8d1956d5

  • SHA512

    892c73cf100e958c3811d0d8aa7d9ba18cf0bcfbf0807f9ae8ce12422075fbca334d3c314438978f5908860208c5b074b316ec80adf51bd1d7d22db0a085239b

  • SSDEEP

    1536:gFboDGLlb2EDOA0f63luk+t1uDmV+2Po+I0whO9ChAf/dQ22ERKOreG3GBqkJZ50:kLVi7a+t1uA+vgDHG22EY6bk9G2qX

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
