Overview

overview

10

Static

static

5

5d78c3c3e8...5N.exe

windows7-x64

10

5d78c3c3e8...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5d78c3c3e83d02ae650fd5d128c7b5e8b3a5a9af1caf1ef2b6d9998521aa6d45N.exe

  • Size

    160KB

  • Sample

    241127-w448eavlhv

  • MD5

    3cf1d958feb742ebb4e9145f804a7380

  • SHA1

    2010b638062347530a9d855893be507bc444b7db

  • SHA256

    5d78c3c3e83d02ae650fd5d128c7b5e8b3a5a9af1caf1ef2b6d9998521aa6d45

  • SHA512

    6e5bbcedebac2794c94c72c1c040c3aca5e57e5cf43b5b608d8dd0f01c2ce51e308ea4658cb9d8ecc594b475a49c0db148b1bb983843119045442a188d7d3644

  • SSDEEP

    1536:IEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph0:LY+4MiIkLZJNAQ9J6vK

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      5d78c3c3e83d02ae650fd5d128c7b5e8b3a5a9af1caf1ef2b6d9998521aa6d45N.exe

    • Size

      160KB

    • MD5

      3cf1d958feb742ebb4e9145f804a7380

    • SHA1

      2010b638062347530a9d855893be507bc444b7db

    • SHA256

      5d78c3c3e83d02ae650fd5d128c7b5e8b3a5a9af1caf1ef2b6d9998521aa6d45

    • SHA512

      6e5bbcedebac2794c94c72c1c040c3aca5e57e5cf43b5b608d8dd0f01c2ce51e308ea4658cb9d8ecc594b475a49c0db148b1bb983843119045442a188d7d3644

    • SSDEEP

      1536:IEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph0:LY+4MiIkLZJNAQ9J6vK

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks