tinba | aa12a4115a8be8bf7fc6843e437ecce46155af93ef656f1370704b27c7f87ad8 | Triage

Sharing

General

Target

861b951119928b8134a4f449a4e4c3d0_NEIKI
Size

160KB
Sample

240508-bcwrqscf53
MD5

861b951119928b8134a4f449a4e4c3d0
SHA1

cd3ec3e6ef3041b879f095148ff0a61bdb42efa4
SHA256

aa12a4115a8be8bf7fc6843e437ecce46155af93ef656f1370704b27c7f87ad8
SHA512

bf9ac4699b4eb7ea95dbeeb1ee0c3ab2fb78a5f55689457598d83521a05113dc11dd0dfa3c235dbcfa7061c5e0744a94eba49ca5675efa73e777c537d4179709
SSDEEP

1536:UH1kPkZccmK9OM1q6wYV6nBRiOW+bUciXDyeAvX0J7M6QG9wIa82U6q:YAM3ERioem9G9wlxu

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  861b951119928b8134a4f449a4e4c3d0_NEIKI
- Size
  
  160KB
- MD5
  
  861b951119928b8134a4f449a4e4c3d0
- SHA1
  
  cd3ec3e6ef3041b879f095148ff0a61bdb42efa4
- SHA256
  
  aa12a4115a8be8bf7fc6843e437ecce46155af93ef656f1370704b27c7f87ad8
- SHA512
  
  bf9ac4699b4eb7ea95dbeeb1ee0c3ab2fb78a5f55689457598d83521a05113dc11dd0dfa3c235dbcfa7061c5e0744a94eba49ca5675efa73e777c537d4179709
- SSDEEP
  
  1536:UH1kPkZccmK9OM1q6wYV6nBRiOW+bUciXDyeAvX0J7M6QG9wIa82U6q:YAM3ERioem9G9wlxu
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2