Overview

overview

10

Static

static

5

fbc21f70db...8c.exe

windows7-x64

10

fbc21f70db...8c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbc21f70db540968b3e594051688e4cdc7b68d88dfb8433955f2288fd02efc8c.exe

  • Size

    34KB

  • Sample

    241203-3rmwxswlfq

  • MD5

    79d41b47da6cbda5ec5fb3fbcff42e2a

  • SHA1

    67aa429ecd9d299112293f531c308a1da07fd2d4

  • SHA256

    fbc21f70db540968b3e594051688e4cdc7b68d88dfb8433955f2288fd02efc8c

  • SHA512

    3ed8f4d91a3fecc67e5eb7c032e14cdc2c34227b38af8df82c324051251264ff6c7cbf9a2f22166fd1e5cad89411e5487847ebaae204879fa085bc379cfe559a

  • SSDEEP

    768:sp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9JW:spYoX58z1uirL98xMWnT0OQ9JW

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      fbc21f70db540968b3e594051688e4cdc7b68d88dfb8433955f2288fd02efc8c.exe

    • Size

      34KB

    • MD5

      79d41b47da6cbda5ec5fb3fbcff42e2a

    • SHA1

      67aa429ecd9d299112293f531c308a1da07fd2d4

    • SHA256

      fbc21f70db540968b3e594051688e4cdc7b68d88dfb8433955f2288fd02efc8c

    • SHA512

      3ed8f4d91a3fecc67e5eb7c032e14cdc2c34227b38af8df82c324051251264ff6c7cbf9a2f22166fd1e5cad89411e5487847ebaae204879fa085bc379cfe559a

    • SSDEEP

      768:sp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9JW:spYoX58z1uirL98xMWnT0OQ9JW

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks