tinba | f9875027c32570476210f5b5edafde3834895f7a7e9207bb14daca3672dbc4be | Triage

Sharing

General

Target

f9875027c32570476210f5b5edafde3834895f7a7e9207bb14daca3672dbc4be
Size

237KB
Sample

240610-ya2xasybrk
MD5

e300e0a15accd2c3fb09bb7e4320fb6f
SHA1

3c8d1608ba66a26d0a0252e28e2f0db6a37e2759
SHA256

f9875027c32570476210f5b5edafde3834895f7a7e9207bb14daca3672dbc4be
SHA512

d168430980848b0fba57e2b46fc8a37747aea29e64b24b2f9bf7a66e30c348524014c87a2b72fef0ecee3ef96708ef0bec5c6d051b396817853179f532f02dcf
SSDEEP

6144:pA2P27yTAnKGw0hjFhSR/W1nyAJ9v0pMtRCpYQ:pATuTAnKGwUAWVycQqgj

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  f9875027c32570476210f5b5edafde3834895f7a7e9207bb14daca3672dbc4be
- Size
  
  237KB
- MD5
  
  e300e0a15accd2c3fb09bb7e4320fb6f
- SHA1
  
  3c8d1608ba66a26d0a0252e28e2f0db6a37e2759
- SHA256
  
  f9875027c32570476210f5b5edafde3834895f7a7e9207bb14daca3672dbc4be
- SHA512
  
  d168430980848b0fba57e2b46fc8a37747aea29e64b24b2f9bf7a66e30c348524014c87a2b72fef0ecee3ef96708ef0bec5c6d051b396817853179f532f02dcf
- SSDEEP
  
  6144:pA2P27yTAnKGw0hjFhSR/W1nyAJ9v0pMtRCpYQ:pATuTAnKGwUAWVycQqgj
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2