tinba | 1ffe67e2537a083a9bad5bc27721808f290502940e089764e09242b53bd7a525 | Triage

Sharing

General

Target

1ffe67e2537a083a9bad5bc27721808f290502940e089764e09242b53bd7a525
Size

106KB
Sample

240614-x76fbaxakp
MD5

5b37369649f9d82d8de7d5e5cf08a493
SHA1

7695707320b1dd1fca5eadcbd1d8a7313b47f0c4
SHA256

1ffe67e2537a083a9bad5bc27721808f290502940e089764e09242b53bd7a525
SHA512

ccc2c8aa052d5fbd0b3744cef324b40e291053173943c9f1d38a24d96be779cd98922c38355a10c22ea25a5978b33c40f6f10dfa4ba4f0cb6d5e0a2e79fbf32e
SSDEEP

768:j+6p+OMlgGXCWhfDzU7f0JDgi9I57+sByZ+XsfXpwtG9ipelU9JA:j+mFM2QXtZgi9Iksu+XM57ipeq9JA

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  1ffe67e2537a083a9bad5bc27721808f290502940e089764e09242b53bd7a525
- Size
  
  106KB
- MD5
  
  5b37369649f9d82d8de7d5e5cf08a493
- SHA1
  
  7695707320b1dd1fca5eadcbd1d8a7313b47f0c4
- SHA256
  
  1ffe67e2537a083a9bad5bc27721808f290502940e089764e09242b53bd7a525
- SHA512
  
  ccc2c8aa052d5fbd0b3744cef324b40e291053173943c9f1d38a24d96be779cd98922c38355a10c22ea25a5978b33c40f6f10dfa4ba4f0cb6d5e0a2e79fbf32e
- SSDEEP
  
  768:j+6p+OMlgGXCWhfDzU7f0JDgi9I57+sByZ+XsfXpwtG9ipelU9JA:j+mFM2QXtZgi9Iksu+XM57ipeq9JA
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2

tinbabankerpersistencetrojan