Overview

overview

10

Static

static

5

b492cc7380...3c.exe

windows7-x64

10

b492cc7380...3c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b492cc7380179335df3bd804f08e2a7472dbe5c7198d5290cedfa989f59c7a3c.exe

  • Size

    34KB

  • Sample

    241127-kbc3nsvrhx

  • MD5

    7e8b96769a8eae870aa366fb072bf6e5

  • SHA1

    cb50dbaa562120d40e0c4242afc51a5ce50b450f

  • SHA256

    b492cc7380179335df3bd804f08e2a7472dbe5c7198d5290cedfa989f59c7a3c

  • SHA512

    219fc632f9b9d5d924539b3fbf68a9221ba24f246b30bdc60c6b33ed35d762371d0dbe9fd5dc6cfbe078dc9bb2da80cd0c386ad3f2ec4c94a4971ac693f40c77

  • SSDEEP

    768:Bp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9Jy:BpYoX58z1uirL98xMWnT0OQ9Jy

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      b492cc7380179335df3bd804f08e2a7472dbe5c7198d5290cedfa989f59c7a3c.exe

    • Size

      34KB

    • MD5

      7e8b96769a8eae870aa366fb072bf6e5

    • SHA1

      cb50dbaa562120d40e0c4242afc51a5ce50b450f

    • SHA256

      b492cc7380179335df3bd804f08e2a7472dbe5c7198d5290cedfa989f59c7a3c

    • SHA512

      219fc632f9b9d5d924539b3fbf68a9221ba24f246b30bdc60c6b33ed35d762371d0dbe9fd5dc6cfbe078dc9bb2da80cd0c386ad3f2ec4c94a4971ac693f40c77

    • SSDEEP

      768:Bp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9Jy:BpYoX58z1uirL98xMWnT0OQ9Jy

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks