Overview

overview

10

Static

static

5

a59735511b...aN.exe

windows7-x64

10

a59735511b...aN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a59735511bf5408385fc3b88880de2d08d62ad8ba76be4f1359eb95ee5d8bf5aN

  • Size

    34KB

  • Sample

    241014-xx3axa1gne

  • MD5

    ccc3629461542e1e51f8be3d3ff6d9e0

  • SHA1

    0caea324df8163e5c19262aaef86f6d8ef8b9d87

  • SHA256

    a59735511bf5408385fc3b88880de2d08d62ad8ba76be4f1359eb95ee5d8bf5a

  • SHA512

    216122f7ae20379ea5ec4ae2054ec7f49d0b87c54ef0aacf007e1c34a13bd2aa825b9b034fee50df79408433f51f6792c57dff5c428fda32665f368d673b915c

  • SSDEEP

    768:ip22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:ipYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      a59735511bf5408385fc3b88880de2d08d62ad8ba76be4f1359eb95ee5d8bf5aN

    • Size

      34KB

    • MD5

      ccc3629461542e1e51f8be3d3ff6d9e0

    • SHA1

      0caea324df8163e5c19262aaef86f6d8ef8b9d87

    • SHA256

      a59735511bf5408385fc3b88880de2d08d62ad8ba76be4f1359eb95ee5d8bf5a

    • SHA512

      216122f7ae20379ea5ec4ae2054ec7f49d0b87c54ef0aacf007e1c34a13bd2aa825b9b034fee50df79408433f51f6792c57dff5c428fda32665f368d673b915c

    • SSDEEP

      768:ip22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:ipYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks