General

  • Target

    NEAS.08a83798d02759199fad68816714b070_JC.exe

  • Size

    49KB

  • Sample

    231011-tw61xsbg74

  • MD5

    08a83798d02759199fad68816714b070

  • SHA1

    ae4595f189865816f5f04ea3576618803a4e1d91

  • SHA256

    a3835b2c2f818bbce848322f315860d599b7e65b658938689c8b9255adb80a47

  • SHA512

    03903110a483f8f931b02393b310f8871afa00d33cabad4fdea318d26b344e9c48b5ab3530556736a269dfce5f403386d7c219b816aa75a3b985f61fa4397883

  • SSDEEP

    1536:cOBLXNqgzf2v6b6NkXklZlogHGe9eBXW:cYLduv6OqXIlogmjW

Malware Config

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
