Overview

overview

10

Static

static

5

a937fa77d3...54.exe

windows7-x64

10

a937fa77d3...54.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a937fa77d341969272de40c1c9162d68138a18bd1336f2f23ba49f3d99c34654.exe

  • Size

    160KB

  • Sample

    241123-kw35layler

  • MD5

    8f4fb0827a88cb504206e5e531bb9e43

  • SHA1

    0c1c55c624d970fab4cb57acb4ccd04c5cf0b7be

  • SHA256

    a937fa77d341969272de40c1c9162d68138a18bd1336f2f23ba49f3d99c34654

  • SHA512

    306403a13d55dfe69299b2fb4e08087b66a5eaaace2afcb272665c47c70b01fdf94f5262cc15ad23766c80621bb2aa455322912354f1c0251bba4e691ba54f7b

  • SSDEEP

    1536:SEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xphM:ZY+4MiIkLZJNAQ9J6ve

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      a937fa77d341969272de40c1c9162d68138a18bd1336f2f23ba49f3d99c34654.exe

    • Size

      160KB

    • MD5

      8f4fb0827a88cb504206e5e531bb9e43

    • SHA1

      0c1c55c624d970fab4cb57acb4ccd04c5cf0b7be

    • SHA256

      a937fa77d341969272de40c1c9162d68138a18bd1336f2f23ba49f3d99c34654

    • SHA512

      306403a13d55dfe69299b2fb4e08087b66a5eaaace2afcb272665c47c70b01fdf94f5262cc15ad23766c80621bb2aa455322912354f1c0251bba4e691ba54f7b

    • SSDEEP

      1536:SEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xphM:ZY+4MiIkLZJNAQ9J6ve

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks