Overview

overview

10

Static

static

5

977ce1ef29...4N.exe

windows7-x64

10

977ce1ef29...4N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    977ce1ef29b147ac14519b3077ff04bb583cf370614cc3f7f69e794ba82087d4N

  • Size

    110KB

  • Sample

    241105-kxwrxayglr

  • MD5

    ad2948036226162a59dc834bc1e14d60

  • SHA1

    8c7ad8bfab90cb7c1d154ceb7718009207caa62a

  • SHA256

    977ce1ef29b147ac14519b3077ff04bb583cf370614cc3f7f69e794ba82087d4

  • SHA512

    75a811ad021e50e55aacdf4b689358af4ee93fbd03274cd58a1c6561f4bbd0a24dbe5964873d171c210c131c8c0afaaa4c315ec59762fc704cad14d1a61e1159

  • SSDEEP

    1536:IiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:IiyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      977ce1ef29b147ac14519b3077ff04bb583cf370614cc3f7f69e794ba82087d4N

    • Size

      110KB

    • MD5

      ad2948036226162a59dc834bc1e14d60

    • SHA1

      8c7ad8bfab90cb7c1d154ceb7718009207caa62a

    • SHA256

      977ce1ef29b147ac14519b3077ff04bb583cf370614cc3f7f69e794ba82087d4

    • SHA512

      75a811ad021e50e55aacdf4b689358af4ee93fbd03274cd58a1c6561f4bbd0a24dbe5964873d171c210c131c8c0afaaa4c315ec59762fc704cad14d1a61e1159

    • SSDEEP

      1536:IiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:IiyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks