Overview

overview

10

Static

static

5

1e12ba45d2...9N.exe

windows7-x64

10

1e12ba45d2...9N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e12ba45d2bec0a6e9191215147d7cf399d8b90e818ee12fccfd06de4b2b4819N

  • Size

    34KB

  • Sample

    241008-xdmfcatarr

  • MD5

    56a841f291dceaa8f434498fb760d9c0

  • SHA1

    4e5475f4c5f8fde1f1c53cafab7abc8761804d42

  • SHA256

    1e12ba45d2bec0a6e9191215147d7cf399d8b90e818ee12fccfd06de4b2b4819

  • SHA512

    d6b5f32ae1bbb8ff8e73f83a595ac5c5a7ce9c83d980315a1b6d7e5987676909594fa92307520f705d3cfa6be5f18faeaee7ef6d1738d1bfa217a3464f191fa6

  • SSDEEP

    768:Jp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:JpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      1e12ba45d2bec0a6e9191215147d7cf399d8b90e818ee12fccfd06de4b2b4819N

    • Size

      34KB

    • MD5

      56a841f291dceaa8f434498fb760d9c0

    • SHA1

      4e5475f4c5f8fde1f1c53cafab7abc8761804d42

    • SHA256

      1e12ba45d2bec0a6e9191215147d7cf399d8b90e818ee12fccfd06de4b2b4819

    • SHA512

      d6b5f32ae1bbb8ff8e73f83a595ac5c5a7ce9c83d980315a1b6d7e5987676909594fa92307520f705d3cfa6be5f18faeaee7ef6d1738d1bfa217a3464f191fa6

    • SSDEEP

      768:Jp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:JpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks