Overview

overview

10

Static

static

5

46675dc2f7...2N.exe

windows7-x64

10

46675dc2f7...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46675dc2f7846981f2b9c3f0f2471baa1c8cbf84e3f23f1cc70484290b207772N

  • Size

    110KB

  • Sample

    241028-le22mswajf

  • MD5

    abc95ccabbc5b8c32c9932022fead9f0

  • SHA1

    563db8fb8b1d8ff32e3da5a38eb00e16c567cd0d

  • SHA256

    46675dc2f7846981f2b9c3f0f2471baa1c8cbf84e3f23f1cc70484290b207772

  • SHA512

    d59009310602925ce175a611f594bebd3f0ea6d0b04ed56eceff466428fa0312aca8ee4e245c806e6d9a5b6d2329c31e87d9ee4d6205afcf09cb7b44fe28e309

  • SSDEEP

    1536:OiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:OiyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      46675dc2f7846981f2b9c3f0f2471baa1c8cbf84e3f23f1cc70484290b207772N

    • Size

      110KB

    • MD5

      abc95ccabbc5b8c32c9932022fead9f0

    • SHA1

      563db8fb8b1d8ff32e3da5a38eb00e16c567cd0d

    • SHA256

      46675dc2f7846981f2b9c3f0f2471baa1c8cbf84e3f23f1cc70484290b207772

    • SHA512

      d59009310602925ce175a611f594bebd3f0ea6d0b04ed56eceff466428fa0312aca8ee4e245c806e6d9a5b6d2329c31e87d9ee4d6205afcf09cb7b44fe28e309

    • SSDEEP

      1536:OiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:OiyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks