General

  • Target

    d0a2144241446d6a414f08600f72af32e834792dde897920e745bd515551ffc8

  • Size

    52KB

  • Sample

    221126-nnry5sbd57

  • MD5

    a3837377a2e405a40acc6f210dc4f963

  • SHA1

    af0bfe4e86ce4e7ddd386abdd4453da9e621798e

  • SHA256

    d0a2144241446d6a414f08600f72af32e834792dde897920e745bd515551ffc8

  • SHA512

    e9463d12dd5a036e6e11411ab021016ff92faecd962a96dfe3edb9fcc76407fcdf0d42cfbd616e6d01285568e6b4bb3aaed7e5dcfcdadb3215d70af8352e1e84

  • SSDEEP

    768:dN8xwhvqb8IoCU2DZl9x8D20NttTpsz3WCq6pnmpNfhUOuN1WnU4kiAO2TW:d8eSdPnj2bTCzDqHNp2N1BziAO2TW

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
