Overview

overview

10

Static

static

7

ea8ee68cf4...20.exe

windows7-x64

10

ea8ee68cf4...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7b95eac1b931fe6d79317936c605cfc0c1cb16d0f1aaeed6777ab154e0adc102

  • Size

    32KB

  • Sample

    240904-m1yf1syckn

  • MD5

    ea2c7f5175888057ae6abc8fa362937a

  • SHA1

    547a80a842acc056258b044db4544c9b6dd526a0

  • SHA256

    7b95eac1b931fe6d79317936c605cfc0c1cb16d0f1aaeed6777ab154e0adc102

  • SHA512

    1d203b6242e14dbf0699a8ee8f44744986f507f709b24fc169330053959e3285a1c733cc995a20f492150871eb7804cb0b3ce5c0698c6e02c97df011bacd51aa

  • SSDEEP

    768:vF1neGISQw/B+TcOEF8A2lTyABTWKSBLPcCyJkck:91QSQyVOEF8A2yABTGLEJkck

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      ea8ee68cf4d19e1a8e6760280a5cc78b8291e71378f0baff6a48b29f68114e20

    • Size

      34KB

    • MD5

      715ed023967bd6335dab9e676e2e23d7

    • SHA1

      b36933c98b9ab855acf2c6251b979b3b7f01a518

    • SHA256

      ea8ee68cf4d19e1a8e6760280a5cc78b8291e71378f0baff6a48b29f68114e20

    • SHA512

      5376dcdd35d188415e5358850e3015f9203ab69c0f7945734774f2e358d2b81586b6c3055c05ba60b9b8fdadbedd009c19ef70a625df0fd6045cb7881e78f8de

    • SSDEEP

      768:hp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:hpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks