General

  • Target

    696294bbf0c2aa9c3f837134634983348056d02b2609ac42c4ad7f09c6e9a632.exe

  • Size

    49KB

  • Sample

    241117-m9sl5ayfkj

  • MD5

    c5a8aab2c6e10c6944b026e0cef68873

  • SHA1

    12a5064c6cef6978e888ac6665c28c7f7e9363d0

  • SHA256

    696294bbf0c2aa9c3f837134634983348056d02b2609ac42c4ad7f09c6e9a632

  • SHA512

    fe70bd855a109f00b2e57e0a0391aabb71831ad535452a795788a629027617d50bf339aa387ac771dd4c3b2fe3ae8c26943017176fdcc1c66eebb37566737a85

  • SSDEEP

    1536:iOBLXNqgzf2v6b6NkXklZlogHGe9eBXWV:iYLduv6OqXIlogmjWV

Malware Config

Targets

    • Target

      696294bbf0c2aa9c3f837134634983348056d02b2609ac42c4ad7f09c6e9a632.exe

    • Size

      49KB

    • MD5

      c5a8aab2c6e10c6944b026e0cef68873

    • SHA1

      12a5064c6cef6978e888ac6665c28c7f7e9363d0

    • SHA256

      696294bbf0c2aa9c3f837134634983348056d02b2609ac42c4ad7f09c6e9a632

    • SHA512

      fe70bd855a109f00b2e57e0a0391aabb71831ad535452a795788a629027617d50bf339aa387ac771dd4c3b2fe3ae8c26943017176fdcc1c66eebb37566737a85

    • SSDEEP

      1536:iOBLXNqgzf2v6b6NkXklZlogHGe9eBXWV:iYLduv6OqXIlogmjWV

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Tinba family

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks