tinba | c6accca63ac46d9c9ea86a0be19f9ef307f831363990ad173bd835129efade9d | Triage

Submit
Reports

Overview

overview

Static

static

7

58a5c3da58...7d.exe

windows7-x64

58a5c3da58...7d.exe

windows10-2004-x64

Sharing

General

Target

c6accca63ac46d9c9ea86a0be19f9ef307f831363990ad173bd835129efade9d
Size

32KB
Sample

240901-q1p2essckk
MD5

724baea02f2b786250085f3a59822ef4
SHA1

64187bffa9646ce6cd9de07877e2d161949d85c0
SHA256

c6accca63ac46d9c9ea86a0be19f9ef307f831363990ad173bd835129efade9d
SHA512

6925fdbb9fda233f29decfe5968970ad5295ae07572c976e2b55fec0c01e63a26636b9d8f9dfd780cfa6608469e30ee0d44e2dd126ba257c1c09f4d360f97e41
SSDEEP

768:KtC/qjETeGEHKMG/hDwYjHsp32PsSvv9NNttY:N2tDHKMG/zHsx2VX9NN3Y

Score

10^/10

tinba banker discovery persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d.exe

Resource

win7-20240729-en

tinba banker discovery persistence trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d.exe

Resource

win10v2004-20240802-en

tinba banker discovery persistence trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d
- Size
  
  34KB
- MD5
  
  3d58c01552f7aa46c3488c1d3f6aa097
- SHA1
  
  75c6573f16141d494d19804083bb97883b24be40
- SHA256
  
  58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d
- SHA512
  
  34e0b02d1190cde03d09f5ba5e2d9d78169202f9c361376932226081f37246d4910b4ea9d79a3940e68b4aa9f0a2b390b45b47ef110d96b2d119d78d882b7936
- SSDEEP
  
  768:pp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:ppYoX58z1uirL98xMWnT0OQ9J2
Score

10^/10

tinba banker discovery persistence trojan upx
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojanupx

behavioral2

tinbabankerdiscoverypersistencetrojanupx

© 2018-2025

Terms | Privacy