Overview

overview

10

Static

static

5

7bc883b9be...4N.exe

windows7-x64

10

7bc883b9be...4N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7bc883b9be982c5d4caf4e76e6abcdfe0a5d109cdcad38fe78e9ad3e2567c224N.exe

  • Size

    89KB

  • Sample

    241129-kczcasvqaz

  • MD5

    60b845037a355c84b17b920e249f14b0

  • SHA1

    455460bb6a914ca669cd42f6d50fa306ab38e465

  • SHA256

    7bc883b9be982c5d4caf4e76e6abcdfe0a5d109cdcad38fe78e9ad3e2567c224

  • SHA512

    dec9d8d0aa7f735355015b9cf83bcac0f358636a864a395d0333b9a863f9e51a8e3ed93083c2786ff2e5fb4d6860f37fc24aec0716e7b1815913cc3a272b7df9

  • SSDEEP

    1536:n1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7K:1+4MJIkLZJNAQ9Jo9K

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      7bc883b9be982c5d4caf4e76e6abcdfe0a5d109cdcad38fe78e9ad3e2567c224N.exe

    • Size

      89KB

    • MD5

      60b845037a355c84b17b920e249f14b0

    • SHA1

      455460bb6a914ca669cd42f6d50fa306ab38e465

    • SHA256

      7bc883b9be982c5d4caf4e76e6abcdfe0a5d109cdcad38fe78e9ad3e2567c224

    • SHA512

      dec9d8d0aa7f735355015b9cf83bcac0f358636a864a395d0333b9a863f9e51a8e3ed93083c2786ff2e5fb4d6860f37fc24aec0716e7b1815913cc3a272b7df9

    • SSDEEP

      1536:n1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7K:1+4MJIkLZJNAQ9Jo9K

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks