General

  • Target

    7679db542a305b539835a449c0c45bb189a049319e31ff07d28597ebb0157ebb

  • Size

    45KB

  • Sample

    221126-ntcfmsbf25

  • MD5

    205be4bfe8e7fa9812388b2cd80e535e

  • SHA1

    e43d8b2751017c0fe815fa3bdcd90fb620389798

  • SHA256

    7679db542a305b539835a449c0c45bb189a049319e31ff07d28597ebb0157ebb

  • SHA512

    a878ca368c8bb12b9a6e75ee00308d6d531b2020612f01c04fcf086b49457424ff63d1574a5031219d56cec969af0a34909f2fb8c809356156d9c4a64072a324

  • SSDEEP

    768:oTYrljgxDrri6qewO2VuLnDm6thGYkH4JuxUul/w7S1Z0:ocjgdri7egVYDXT9i4o7/OS1u

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
