Overview

overview

10

Static

static

5

3cf5b8e27a...bN.exe

windows7-x64

10

3cf5b8e27a...bN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cf5b8e27a65ab10c6cd04fedb1b471a2c381d0518a98ca4152e3b44940eae6bN.exe

  • Size

    110KB

  • Sample

    241117-jjxllsverm

  • MD5

    aa3d62dfce612fefd36743ede934cc90

  • SHA1

    e77340c0a2d607fa4443b643fe11535e3ab09cca

  • SHA256

    3cf5b8e27a65ab10c6cd04fedb1b471a2c381d0518a98ca4152e3b44940eae6b

  • SHA512

    2300f27abc1d7342925ca90bc666b209fc7ad399a61cdd5093e4dc8cfda00fc0697d1575bc7a0bfa62c5d578cdab84c70c30d39d8a06cc0973a706141a99b45f

  • SSDEEP

    1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:giyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      3cf5b8e27a65ab10c6cd04fedb1b471a2c381d0518a98ca4152e3b44940eae6bN.exe

    • Size

      110KB

    • MD5

      aa3d62dfce612fefd36743ede934cc90

    • SHA1

      e77340c0a2d607fa4443b643fe11535e3ab09cca

    • SHA256

      3cf5b8e27a65ab10c6cd04fedb1b471a2c381d0518a98ca4152e3b44940eae6b

    • SHA512

      2300f27abc1d7342925ca90bc666b209fc7ad399a61cdd5093e4dc8cfda00fc0697d1575bc7a0bfa62c5d578cdab84c70c30d39d8a06cc0973a706141a99b45f

    • SSDEEP

      1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:giyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks