Overview

overview

10

Static

static

5

fd0bd6c0cc...1N.exe

windows7-x64

10

fd0bd6c0cc...1N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd0bd6c0cc843f92c2f28f70c4d496976373175887fbdabf27ac7353ea7629a1N

  • Size

    110KB

  • Sample

    241031-e5pexazhpj

  • MD5

    2b285cf292575248d75f8ab143d32500

  • SHA1

    76bd4320e1acf6dc8786a95a8b807147dc7479f4

  • SHA256

    fd0bd6c0cc843f92c2f28f70c4d496976373175887fbdabf27ac7353ea7629a1

  • SHA512

    369e5b07b7bb8f6bf756a3ff25f5617fb108dc2fce76643d6871ef9e5fb9c2ae30989738a66c8d7b8c21aaee205c9cf69e2d85f75ca96bab18b1eb163721bc11

  • SSDEEP

    1536:riLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:riyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      fd0bd6c0cc843f92c2f28f70c4d496976373175887fbdabf27ac7353ea7629a1N

    • Size

      110KB

    • MD5

      2b285cf292575248d75f8ab143d32500

    • SHA1

      76bd4320e1acf6dc8786a95a8b807147dc7479f4

    • SHA256

      fd0bd6c0cc843f92c2f28f70c4d496976373175887fbdabf27ac7353ea7629a1

    • SHA512

      369e5b07b7bb8f6bf756a3ff25f5617fb108dc2fce76643d6871ef9e5fb9c2ae30989738a66c8d7b8c21aaee205c9cf69e2d85f75ca96bab18b1eb163721bc11

    • SSDEEP

      1536:riLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:riyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks