tinba | 5af546a50fa83df144ca3a6ab1edbf45a02e84bbbe6e81c6b8c0855b266e9d9b | Triage

Sharing

General

Target

5af546a50fa83df144ca3a6ab1edbf45a02e84bbbe6e81c6b8c0855b266e9d9b
Size

225KB
Sample

240623-1xy52atgpd
MD5

905a46d7300d1f8ebdb0f907fe44ecdb
SHA1

4a92f1b305c786482fe5cdb3a5320fa2c813e7a2
SHA256

5af546a50fa83df144ca3a6ab1edbf45a02e84bbbe6e81c6b8c0855b266e9d9b
SHA512

7aa0c2730db4c9e8edbd699123c09805d03dd27a1860e1cef56e237892131affef831be8dbe7adbb2036ab5988b14b44f6ec9826c591ea50110345b27d9b655e
SSDEEP

6144:VA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:VATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  5af546a50fa83df144ca3a6ab1edbf45a02e84bbbe6e81c6b8c0855b266e9d9b
- Size
  
  225KB
- MD5
  
  905a46d7300d1f8ebdb0f907fe44ecdb
- SHA1
  
  4a92f1b305c786482fe5cdb3a5320fa2c813e7a2
- SHA256
  
  5af546a50fa83df144ca3a6ab1edbf45a02e84bbbe6e81c6b8c0855b266e9d9b
- SHA512
  
  7aa0c2730db4c9e8edbd699123c09805d03dd27a1860e1cef56e237892131affef831be8dbe7adbb2036ab5988b14b44f6ec9826c591ea50110345b27d9b655e
- SSDEEP
  
  6144:VA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:VATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2