Overview

overview

10

Static

static

5

90070db720...0N.exe

windows7-x64

10

90070db720...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    90070db720c5a2f30754bcbc9573321be1ffdcd53431990c9efed6902232f980N

  • Size

    110KB

  • Sample

    241102-s2vz6sxpey

  • MD5

    56f9cfe6e58ba6322de6146a8d3b08f0

  • SHA1

    dcebed97024d1a8e08847d8ffe750c4f6b9d0294

  • SHA256

    90070db720c5a2f30754bcbc9573321be1ffdcd53431990c9efed6902232f980

  • SHA512

    72a748a19b2ad58f81891b71422ad229e18d12568d98e73bd74489f281c83a9c15532df97906b540d722a444fac6aecc8c1d7c9c025e1f161cfdf4677ef9c5a8

  • SSDEEP

    1536:ZiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:ZiyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      90070db720c5a2f30754bcbc9573321be1ffdcd53431990c9efed6902232f980N

    • Size

      110KB

    • MD5

      56f9cfe6e58ba6322de6146a8d3b08f0

    • SHA1

      dcebed97024d1a8e08847d8ffe750c4f6b9d0294

    • SHA256

      90070db720c5a2f30754bcbc9573321be1ffdcd53431990c9efed6902232f980

    • SHA512

      72a748a19b2ad58f81891b71422ad229e18d12568d98e73bd74489f281c83a9c15532df97906b540d722a444fac6aecc8c1d7c9c025e1f161cfdf4677ef9c5a8

    • SSDEEP

      1536:ZiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:ZiyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks