General

  • Target

    NEAS.e2f582e8058b88f28fe04095ed8450d0_JC.exe

  • Size

    49KB

  • Sample

    231105-gbepqadc47

  • MD5

    e2f582e8058b88f28fe04095ed8450d0

  • SHA1

    46f3e136baee391fd89cb47910fd2d2fd9f65c24

  • SHA256

    f668e1aa074283236c063a97c3b5e8b974604c514b4fbfd1b135e331887cde02

  • SHA512

    aa5174a3447613a29cb20dc496bd54a6e018096c2b34851042a60bfdda53674fc3b204e16d39c074b9c653d7e0b229ed39292478b04bcff6ac6208aaa48d3b1d

  • SSDEEP

    1536:NOBLXNqgzf2v6b6NkXklZlogHGe9eBXW:NYLduv6OqXIlogmjW

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
