tinba | 88704654e7e3020485669ab1665ea256f83924fa35f913848788c02647f3960c | Triage

Sharing

General

Target

88704654e7e3020485669ab1665ea256f83924fa35f913848788c02647f3960c
Size

225KB
Sample

240624-3jewca1erj
MD5

05a51d0bfb76a82612192466a1ce3749
SHA1

dfb069388c182d00bb992c949f67550c915dda59
SHA256

88704654e7e3020485669ab1665ea256f83924fa35f913848788c02647f3960c
SHA512

3c2dc6692cd6fd1c44763689256bb00ab3bc2ed42faabd3f5b3a74f32a4e37f1d2000df20cd505855f480ea352e42c1d25bc73f6ef7e054a1e3868e5215b5602
SSDEEP

6144:DA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:DATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker persistence trojan

Malware Config

Targets

- Target
  
  88704654e7e3020485669ab1665ea256f83924fa35f913848788c02647f3960c
- Size
  
  225KB
- MD5
  
  05a51d0bfb76a82612192466a1ce3749
- SHA1
  
  dfb069388c182d00bb992c949f67550c915dda59
- SHA256
  
  88704654e7e3020485669ab1665ea256f83924fa35f913848788c02647f3960c
- SHA512
  
  3c2dc6692cd6fd1c44763689256bb00ab3bc2ed42faabd3f5b3a74f32a4e37f1d2000df20cd505855f480ea352e42c1d25bc73f6ef7e054a1e3868e5215b5602
- SSDEEP
  
  6144:DA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:DATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

tinbabankerpersistencetrojan

behavioral2