Overview

overview

10

Static

static

5

ea17fa2770...7b.exe

windows7-x64

10

ea17fa2770...7b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea17fa27703fdad33468be39c4417356575c381d3c7236d37186f69005d3aa7b.exe

  • Size

    89KB

  • Sample

    241205-kawhmaslcj

  • MD5

    bb1fc05bfb1d216f1a59ad5d1f1fc332

  • SHA1

    ceab0163be9607d3bcea1470e634108a821b9d16

  • SHA256

    ea17fa27703fdad33468be39c4417356575c381d3c7236d37186f69005d3aa7b

  • SHA512

    698ee34b1275bc200c0cae5a5a1e7be5fcb36d8914ac6b0866d5234db8f90d194dda6f7cf0f737ed4b55911040712db93f1e61dce4790f5ca453be4230bb64ac

  • SSDEEP

    1536:j1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7u:J+4MJIkLZJNAQ9Jo9u

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      ea17fa27703fdad33468be39c4417356575c381d3c7236d37186f69005d3aa7b.exe

    • Size

      89KB

    • MD5

      bb1fc05bfb1d216f1a59ad5d1f1fc332

    • SHA1

      ceab0163be9607d3bcea1470e634108a821b9d16

    • SHA256

      ea17fa27703fdad33468be39c4417356575c381d3c7236d37186f69005d3aa7b

    • SHA512

      698ee34b1275bc200c0cae5a5a1e7be5fcb36d8914ac6b0866d5234db8f90d194dda6f7cf0f737ed4b55911040712db93f1e61dce4790f5ca453be4230bb64ac

    • SSDEEP

      1536:j1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7u:J+4MJIkLZJNAQ9Jo9u

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks