tinba | 147766797ffb225381cad26846fad2c370fcbcd44316e9a193a23d00cb3707b9 | Triage

Sharing

General

Target

147766797ffb225381cad26846fad2c370fcbcd44316e9a193a23d00cb3707b9N
Size

59KB
Sample

241109-qdr79svelq
MD5

f42702d6f407d06841ba7c59e2e05400
SHA1

6998bdb0e45f38063725a24d8920743e91849894
SHA256

147766797ffb225381cad26846fad2c370fcbcd44316e9a193a23d00cb3707b9
SHA512

86b7853e788dd7dde59fa3c90744d30f0b636974aa5b848aa31292da5144dc0f635916475d40200caeaa01ca988d317eadfe99c0bf35962f82b38735b91254b6
SSDEEP

768:K+6p+OMlgGMCWhfDzU7f7JDgiFP7xI57+sByZ+XsfXpwtGc9J1:K+mFM2HXKZgiFP7xIksu+XM5O9J1

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  147766797ffb225381cad26846fad2c370fcbcd44316e9a193a23d00cb3707b9N
- Size
  
  59KB
- MD5
  
  f42702d6f407d06841ba7c59e2e05400
- SHA1
  
  6998bdb0e45f38063725a24d8920743e91849894
- SHA256
  
  147766797ffb225381cad26846fad2c370fcbcd44316e9a193a23d00cb3707b9
- SHA512
  
  86b7853e788dd7dde59fa3c90744d30f0b636974aa5b848aa31292da5144dc0f635916475d40200caeaa01ca988d317eadfe99c0bf35962f82b38735b91254b6
- SSDEEP
  
  768:K+6p+OMlgGMCWhfDzU7f7JDgiFP7xI57+sByZ+XsfXpwtGc9J1:K+mFM2HXKZgiFP7xIksu+XM5O9J1
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2

tinbabankerdiscoverypersistencetrojan