General

  • Target

    NEAS.0dfe76adb3e735011e3ea6345ce76f10_JC.exe

  • Size

    62KB

  • Sample

    231105-cj7cgsbe46

  • MD5

    0dfe76adb3e735011e3ea6345ce76f10

  • SHA1

    9b88b9791cbd07433b555b2b3f9027070d40c062

  • SHA256

    aab77049b3e86f02f087afb73a07421c0902ce70461e1f3032acacc58ed3d5f0

  • SHA512

    17bc4cc0bc3d9bd0fae0ee705524beb8f19931ae0af6efb9f8da47f904552415ab2a3b93c00c87a6ba67a35002f49c4cc53983e8283f6f70c6af7aef92254b74

  • SSDEEP

    768:yi38jm/CGnYr1xWfrr9G2xMSRZWMKNZURoqNpc1X/9TIFL:eqCG2q9ugZ7KZnTTKL

Malware Config

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
