Overview

overview

10

Static

static

7

187fecf9bc...2N.exe

windows7-x64

10

187fecf9bc...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    187fecf9bcb66cce0d342a668da4984b501e7a75c2e098bfe4f8e429ecfba422N

  • Size

    34KB

  • Sample

    240921-zsfmfstbpc

  • MD5

    d48cdf877fedfd3e88c0bf4140df9930

  • SHA1

    3661937aa6d3db04850ae0013d0981d540f5f52e

  • SHA256

    187fecf9bcb66cce0d342a668da4984b501e7a75c2e098bfe4f8e429ecfba422

  • SHA512

    44a9bbab4dc4bd3f2ec64448e9cd9041f6cceb6540944a1d85a0be3a6ab8e26a1ba088093a520ddc01cc13f79c97b48f2445f7f3b25b5520373ff9ed6fa9c101

  • SSDEEP

    768:Ep22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:EpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      187fecf9bcb66cce0d342a668da4984b501e7a75c2e098bfe4f8e429ecfba422N

    • Size

      34KB

    • MD5

      d48cdf877fedfd3e88c0bf4140df9930

    • SHA1

      3661937aa6d3db04850ae0013d0981d540f5f52e

    • SHA256

      187fecf9bcb66cce0d342a668da4984b501e7a75c2e098bfe4f8e429ecfba422

    • SHA512

      44a9bbab4dc4bd3f2ec64448e9cd9041f6cceb6540944a1d85a0be3a6ab8e26a1ba088093a520ddc01cc13f79c97b48f2445f7f3b25b5520373ff9ed6fa9c101

    • SSDEEP

      768:Ep22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:EpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks