Overview

overview

10

Static

static

5

0d77696439...e3.exe

windows7-x64

10

0d77696439...e3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0d77696439953925e90866121c5d86327211166b6f8b86bc830414fad16ea0e3

  • Size

    34KB

  • Sample

    241204-yazf6sxnbw

  • MD5

    230ca2e283b50a92d97810d9da4a42fb

  • SHA1

    d71faee7b0acd1f016daa0e53b310ba429ea2108

  • SHA256

    0d77696439953925e90866121c5d86327211166b6f8b86bc830414fad16ea0e3

  • SHA512

    a860ce877a2ae7d76301500112fa525a14ea94438b055eb7c8f2ab54715e00cbe3cf3866c3e5752db6ad3afddab2b52f045e6a7b898fedc6eb89323233bc7bf2

  • SSDEEP

    768:tp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9JW:tpYoX58z1uirL98xMWnT0OQ9JW

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      0d77696439953925e90866121c5d86327211166b6f8b86bc830414fad16ea0e3

    • Size

      34KB

    • MD5

      230ca2e283b50a92d97810d9da4a42fb

    • SHA1

      d71faee7b0acd1f016daa0e53b310ba429ea2108

    • SHA256

      0d77696439953925e90866121c5d86327211166b6f8b86bc830414fad16ea0e3

    • SHA512

      a860ce877a2ae7d76301500112fa525a14ea94438b055eb7c8f2ab54715e00cbe3cf3866c3e5752db6ad3afddab2b52f045e6a7b898fedc6eb89323233bc7bf2

    • SSDEEP

      768:tp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9JW:tpYoX58z1uirL98xMWnT0OQ9JW

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks