tinba | 7ec2897bacf6792a7327ae3b1e291b1fb5caa5c8acf08de9efc03a22a61b4c6d | Triage

Submit
Reports

Overview

overview

Static

static

7

2e84832fd9...b6.exe

windows7-x64

2e84832fd9...b6.exe

windows10-2004-x64

Sharing

General

Target

7ec2897bacf6792a7327ae3b1e291b1fb5caa5c8acf08de9efc03a22a61b4c6d
Size

48KB
Sample

240901-1h285stanf
MD5

0f814077baf985b9a5f416101e45c703
SHA1

81a45f8483a20149376d7e42cd61ca77f4e5e723
SHA256

7ec2897bacf6792a7327ae3b1e291b1fb5caa5c8acf08de9efc03a22a61b4c6d
SHA512

4189a962608e4f0219449181678d6927d01baaca820658b7c09e0cc18e862f5a4dc9c16bf7de4b6a9e87d4ab1074df8f5930b0788973b1904a5c808d38661295
SSDEEP

768:WBA700GDfKYvesfrpmxSfk508agGU62CpkAHP/jnxg4nHJzwmLnG8rT7P0j8N5:WmY0GDfK/sTQkcq0ATnxgkEmprTL48T

Score

10^/10

tinba banker discovery persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6.exe

Resource

win7-20240704-en

tinba banker discovery persistence trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6.exe

Resource

win10v2004-20240802-en

tinba banker discovery persistence trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6
- Size
  
  104KB
- MD5
  
  cf6bc6cb00d4876ab0595e3d1c0abe7a
- SHA1
  
  62531cd3e741007de0bf25aa6788b230dbebb2d2
- SHA256
  
  2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6
- SHA512
  
  ca84769f72add111567ac52904a850ba4850597b4eb16988431a24ff602c5cc079c4a847dbd787d3c0f9bfb1a08146aa425b498fbfa8a1ad56dc808d4a6ecf5c
- SSDEEP
  
  1536:ID/AwPx+riFFG1l/m3wEeQqjh+rmKVsWiVPsrhSBXUc/z:IDBYnFE2jwqWsWMfXnz
Score

10^/10

tinba banker discovery persistence trojan upx
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojanupx

behavioral2

tinbabankerdiscoverypersistencetrojanupx

© 2018-2025

Terms | Privacy