Overview

overview

10

Static

static

5

d6f73ee4c5...18.exe

windows7-x64

10

d6f73ee4c5...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d6f73ee4c5ff5a676ebd3c189939d27d_JaffaCakes118

  • Size

    46KB

  • Sample

    241208-pawwlsxqcl

  • MD5

    d6f73ee4c5ff5a676ebd3c189939d27d

  • SHA1

    b00436c4a98508a601098edd14f506310d5117fd

  • SHA256

    46513128ee1e8118a1922450d2703dd97be0f8d488138d71f03b026602ff54f6

  • SHA512

    6446d6d9ecbbdca02799503aed7195b5668cda5e4c34c523b37ebeca46091a333053ced92be5e05dda2cffa7fd669b7d518a53caf841dc4fa08a44aa6fef5ed3

  • SSDEEP

    768:LtwyMe0Jy8xwd117mrlI9m/xGuv4V7RMEnqt9jn2ACH3hLZ2HwCLlH:Ltwyedxwr1qUMv4VV6j2A83hVY

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      d6f73ee4c5ff5a676ebd3c189939d27d_JaffaCakes118

    • Size

      46KB

    • MD5

      d6f73ee4c5ff5a676ebd3c189939d27d

    • SHA1

      b00436c4a98508a601098edd14f506310d5117fd

    • SHA256

      46513128ee1e8118a1922450d2703dd97be0f8d488138d71f03b026602ff54f6

    • SHA512

      6446d6d9ecbbdca02799503aed7195b5668cda5e4c34c523b37ebeca46091a333053ced92be5e05dda2cffa7fd669b7d518a53caf841dc4fa08a44aa6fef5ed3

    • SSDEEP

      768:LtwyMe0Jy8xwd117mrlI9m/xGuv4V7RMEnqt9jn2ACH3hLZ2HwCLlH:Ltwyedxwr1qUMv4VV6j2A83hVY

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks