Overview

overview

10

Static

static

5

21490e2711...fN.exe

windows7-x64

10

21490e2711...fN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21490e271138a696b55c98d75f31f28ce62b399d0360589a94aa8f2fc8c4035fN.exe

  • Size

    110KB

  • Sample

    241129-wxh2lavjak

  • MD5

    a6a03f06584e1eeacbfdbade24b970d0

  • SHA1

    cb4a94864751402471fd57621686e18b012c7ec0

  • SHA256

    21490e271138a696b55c98d75f31f28ce62b399d0360589a94aa8f2fc8c4035f

  • SHA512

    5ff83f7e7ba3ca3e84d58b156dd787a3351130fe147d5c224ea779277f56003e89e750d546524962ac8ce9555d3813f2c9c69c8dc2559aef656a43561de9a200

  • SSDEEP

    1536:QiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:QiyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      21490e271138a696b55c98d75f31f28ce62b399d0360589a94aa8f2fc8c4035fN.exe

    • Size

      110KB

    • MD5

      a6a03f06584e1eeacbfdbade24b970d0

    • SHA1

      cb4a94864751402471fd57621686e18b012c7ec0

    • SHA256

      21490e271138a696b55c98d75f31f28ce62b399d0360589a94aa8f2fc8c4035f

    • SHA512

      5ff83f7e7ba3ca3e84d58b156dd787a3351130fe147d5c224ea779277f56003e89e750d546524962ac8ce9555d3813f2c9c69c8dc2559aef656a43561de9a200

    • SSDEEP

      1536:QiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:QiyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks