tinba | 761848ccb6cde014fd95983fbf07e8157e2702bd485a1559598af5e59631603d | Triage

Sharing

General

Target

761848ccb6cde014fd95983fbf07e8157e2702bd485a1559598af5e59631603d
Size

68KB
Sample

240620-3qdlvsxank
MD5

731f40fedcb866ed2d1b044207e27b2f
SHA1

2997913b86122c2c0fbe8cd1ca537cd05efddcfb
SHA256

761848ccb6cde014fd95983fbf07e8157e2702bd485a1559598af5e59631603d
SHA512

e2a6263f3fe8710374f5544d9bd755174b6fdfcd80986bb2cbba8ae69ddc7cd995e03439ac3d35280f8aacaf66b6cffd9bb764f3d91dc37877dbe09ce9eaabf7
SSDEEP

768:jwaGd7Lw/nrrxDL/GOv2/w6HSa0fYSPNZsxRXQ1d2yg/QmWKHZyiVlaW4OHZ0Em:j47urp3v23HSa0AMNyfQ1d2y4Z4P

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  761848ccb6cde014fd95983fbf07e8157e2702bd485a1559598af5e59631603d
- Size
  
  68KB
- MD5
  
  731f40fedcb866ed2d1b044207e27b2f
- SHA1
  
  2997913b86122c2c0fbe8cd1ca537cd05efddcfb
- SHA256
  
  761848ccb6cde014fd95983fbf07e8157e2702bd485a1559598af5e59631603d
- SHA512
  
  e2a6263f3fe8710374f5544d9bd755174b6fdfcd80986bb2cbba8ae69ddc7cd995e03439ac3d35280f8aacaf66b6cffd9bb764f3d91dc37877dbe09ce9eaabf7
- SSDEEP
  
  768:jwaGd7Lw/nrrxDL/GOv2/w6HSa0fYSPNZsxRXQ1d2yg/QmWKHZyiVlaW4OHZ0Em:j47urp3v23HSa0AMNyfQ1d2y4Z4P
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2

tinbabankerpersistencetrojan