Overview

overview

10

Static

static

5

881779ff82...8N.exe

windows7-x64

10

881779ff82...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    881779ff82d4a843f5a72f67a7e089dc8d4c28ac26e5652996d927092be75418N

  • Size

    34KB

  • Sample

    241002-z9hs5s1epc

  • MD5

    af6d670c43167b010dd82f44cf76c310

  • SHA1

    f9ef679565db948661a943fe37ff416079319a34

  • SHA256

    881779ff82d4a843f5a72f67a7e089dc8d4c28ac26e5652996d927092be75418

  • SHA512

    d0f7b2d9a8ad2ce3c0f060cf841d77b131d8bae574faf3f51a519ac87b174c49ddd3fdcb39bb41f4cc42d6268d01359e2a8edd2049484686ee6b85a3970c26ef

  • SSDEEP

    768:bp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:bpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      881779ff82d4a843f5a72f67a7e089dc8d4c28ac26e5652996d927092be75418N

    • Size

      34KB

    • MD5

      af6d670c43167b010dd82f44cf76c310

    • SHA1

      f9ef679565db948661a943fe37ff416079319a34

    • SHA256

      881779ff82d4a843f5a72f67a7e089dc8d4c28ac26e5652996d927092be75418

    • SHA512

      d0f7b2d9a8ad2ce3c0f060cf841d77b131d8bae574faf3f51a519ac87b174c49ddd3fdcb39bb41f4cc42d6268d01359e2a8edd2049484686ee6b85a3970c26ef

    • SSDEEP

      768:bp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:bpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks