Overview

overview

10

Static

static

5

7eae6da559...04.exe

windows7-x64

10

7eae6da559...04.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7eae6da5597fcb890e8d1921027ed8e2fedb8a62f6481790b827b14b2f821d04.exe

  • Size

    110KB

  • Sample

    241118-prrm8a1qbl

  • MD5

    b00ab29a28c2fccd389511288344f8d3

  • SHA1

    2907a54fc1ae0afe3dbbf2b9b1e91a25dd73c284

  • SHA256

    7eae6da5597fcb890e8d1921027ed8e2fedb8a62f6481790b827b14b2f821d04

  • SHA512

    18978f38ad4b03dd2b56da805fdd5f8290efbc828e23daa4b21587bcef9cfdc74c3365340bd0bacbecf59a9728fff8cfde243cc16a27b2419a421ccc464181a2

  • SSDEEP

    1536:ZiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:ZiyvRmDLs/ZrwWJjAqGcRJ2hQ

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      7eae6da5597fcb890e8d1921027ed8e2fedb8a62f6481790b827b14b2f821d04.exe

    • Size

      110KB

    • MD5

      b00ab29a28c2fccd389511288344f8d3

    • SHA1

      2907a54fc1ae0afe3dbbf2b9b1e91a25dd73c284

    • SHA256

      7eae6da5597fcb890e8d1921027ed8e2fedb8a62f6481790b827b14b2f821d04

    • SHA512

      18978f38ad4b03dd2b56da805fdd5f8290efbc828e23daa4b21587bcef9cfdc74c3365340bd0bacbecf59a9728fff8cfde243cc16a27b2419a421ccc464181a2

    • SSDEEP

      1536:ZiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:ZiyvRmDLs/ZrwWJjAqGcRJ2hQ

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks