tinba | 9846d855def24caa30826e6ed196b59e1906e2ff1bd132f07b5144f89172b539 | Triage

Sharing

General

Target

9846d855def24caa30826e6ed196b59e1906e2ff1bd132f07b5144f89172b539
Size

225KB
Sample

241205-a58rbszkgt
MD5

048eee5f851bfd05702c8c7c68d6cef5
SHA1

bcf2154ecfd0a288bc6148460dfba7a88b61ffdf
SHA256

9846d855def24caa30826e6ed196b59e1906e2ff1bd132f07b5144f89172b539
SHA512

d74ce7910ebf13ee2a7a2c93cef86025db75939e87e4b9bc937439eb35047784232d4e7112f8584955373da71e8dd6ff6eabb60d7e82a5426e382382d4944545
SSDEEP

6144:7A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:7ATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  9846d855def24caa30826e6ed196b59e1906e2ff1bd132f07b5144f89172b539
- Size
  
  225KB
- MD5
  
  048eee5f851bfd05702c8c7c68d6cef5
- SHA1
  
  bcf2154ecfd0a288bc6148460dfba7a88b61ffdf
- SHA256
  
  9846d855def24caa30826e6ed196b59e1906e2ff1bd132f07b5144f89172b539
- SHA512
  
  d74ce7910ebf13ee2a7a2c93cef86025db75939e87e4b9bc937439eb35047784232d4e7112f8584955373da71e8dd6ff6eabb60d7e82a5426e382382d4944545
- SSDEEP
  
  6144:7A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:7ATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2