tinba | d3fd954c1f5eec440d23a1e236cb6ff7c2ef1382206423081261d4707b321215 | Triage

Sharing

General

Target

d3fd954c1f5eec440d23a1e236cb6ff7c2ef1382206423081261d4707b321215.exe
Size

58KB
Sample

241121-bxy3laskfp
MD5

5c89dad44a3633266714490c3f01f2f1
SHA1

b6a40eb1acd53b97d132e5004d6115450a2a17bf
SHA256

d3fd954c1f5eec440d23a1e236cb6ff7c2ef1382206423081261d4707b321215
SHA512

baf6fa9297a8fc1dd81c82b160ac8cfa2a3dfa6ac24e55ae553e5216282fcceb50d31e915b8ac8ea92e4234bee6d4a031c5602f0f9a56f4166f29c8152e5f874
SSDEEP

768:RM5WaKyBevI8OHKA+hmXid6Z9HUEMyerTAzwavKCFC/nGVykmBdwxkpNZsv:S5P2vIg7dNrTAzZv3FaGU5LRm

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  d3fd954c1f5eec440d23a1e236cb6ff7c2ef1382206423081261d4707b321215.exe
- Size
  
  58KB
- MD5
  
  5c89dad44a3633266714490c3f01f2f1
- SHA1
  
  b6a40eb1acd53b97d132e5004d6115450a2a17bf
- SHA256
  
  d3fd954c1f5eec440d23a1e236cb6ff7c2ef1382206423081261d4707b321215
- SHA512
  
  baf6fa9297a8fc1dd81c82b160ac8cfa2a3dfa6ac24e55ae553e5216282fcceb50d31e915b8ac8ea92e4234bee6d4a031c5602f0f9a56f4166f29c8152e5f874
- SSDEEP
  
  768:RM5WaKyBevI8OHKA+hmXid6Z9HUEMyerTAzwavKCFC/nGVykmBdwxkpNZsv:S5P2vIg7dNrTAzZv3FaGU5LRm
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2