Overview

overview

10

Static

static

5

8671cdb5f4...8b.exe

windows7-x64

10

8671cdb5f4...8b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8671cdb5f474895ddc4b4e5616a8037ca2e03d5bfd0087e61e5b11dae01e7e8b.exe

  • Size

    113KB

  • Sample

    241117-yvl2kswrc1

  • MD5

    e4302d684967bb84560e69c19996ea97

  • SHA1

    c5d530027ca7cdd224dba46b7fc4d1b4a8a246c7

  • SHA256

    8671cdb5f474895ddc4b4e5616a8037ca2e03d5bfd0087e61e5b11dae01e7e8b

  • SHA512

    006254a6c4c1f145eb1d74bc10f62c161d466ce7218152c0a90203dcd8564ca0400c9365632e709807bcebe36e0630faafbeda5ead59bf04d180dacb619af828

  • SSDEEP

    1536:3iLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0Eh:3iyvRmDLs/ZrwWjjAqGcfzWHh

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      8671cdb5f474895ddc4b4e5616a8037ca2e03d5bfd0087e61e5b11dae01e7e8b.exe

    • Size

      113KB

    • MD5

      e4302d684967bb84560e69c19996ea97

    • SHA1

      c5d530027ca7cdd224dba46b7fc4d1b4a8a246c7

    • SHA256

      8671cdb5f474895ddc4b4e5616a8037ca2e03d5bfd0087e61e5b11dae01e7e8b

    • SHA512

      006254a6c4c1f145eb1d74bc10f62c161d466ce7218152c0a90203dcd8564ca0400c9365632e709807bcebe36e0630faafbeda5ead59bf04d180dacb619af828

    • SSDEEP

      1536:3iLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0Eh:3iyvRmDLs/ZrwWjjAqGcfzWHh

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks