tinba | e49dedfc7adf071bb61e7dd65a8dd65b922e389ecda057cbe52f37cfa01e24f5 | Triage

Sharing

General

Target

e49dedfc7adf071bb61e7dd65a8dd65b922e389ecda057cbe52f37cfa01e24f5.exe
Size

88KB
Sample

241121-gjmejayrbz
MD5

8c1039116099234b55237c11505d6d5b
SHA1

9e1d0c3965d09f9abb74cc021d75d37216524a62
SHA256

e49dedfc7adf071bb61e7dd65a8dd65b922e389ecda057cbe52f37cfa01e24f5
SHA512

82ad8deb691f344719bbdfe1c853d6f85079167ac16b63250ccc9bc7ed819a54edd52cef43076bf3f2b7d36f7f2c255f2a582597737b582e18cfd60e9c873968
SSDEEP

1536:A5nfmIpxDWbUfd3aOPmxxEhvgCooXqRQqjh+rmKVsNI:A5fvp12UFKcD/6jwqWsNI

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  e49dedfc7adf071bb61e7dd65a8dd65b922e389ecda057cbe52f37cfa01e24f5.exe
- Size
  
  88KB
- MD5
  
  8c1039116099234b55237c11505d6d5b
- SHA1
  
  9e1d0c3965d09f9abb74cc021d75d37216524a62
- SHA256
  
  e49dedfc7adf071bb61e7dd65a8dd65b922e389ecda057cbe52f37cfa01e24f5
- SHA512
  
  82ad8deb691f344719bbdfe1c853d6f85079167ac16b63250ccc9bc7ed819a54edd52cef43076bf3f2b7d36f7f2c255f2a582597737b582e18cfd60e9c873968
- SSDEEP
  
  1536:A5nfmIpxDWbUfd3aOPmxxEhvgCooXqRQqjh+rmKVsNI:A5fvp12UFKcD/6jwqWsNI
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2

tinbabankerdiscoverypersistencetrojan