tinba | f188787c7e31b66bd9efd5b455cc802f825e3e73b15a48135e73189c65207543 | Triage

Sharing

General

Target

f188787c7e31b66bd9efd5b455cc802f825e3e73b15a48135e73189c65207543
Size

225KB
Sample

241209-e5v8fsvkhk
MD5

9216a182973df6197dcb2af871e415a8
SHA1

37b06f7689c474bb69cd59ff87855d77a3b09abb
SHA256

f188787c7e31b66bd9efd5b455cc802f825e3e73b15a48135e73189c65207543
SHA512

647356e89e3137ee82ee7812a20817dd8a352261c9f3dfb39f71a0065d045e737d7b4212c56821a3da6415bc2f64ed00d3b6f2e3fd60203d3d9761668ef67599
SSDEEP

6144:nA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:nATuTAnKGwUAW3ycQqgN

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  f188787c7e31b66bd9efd5b455cc802f825e3e73b15a48135e73189c65207543
- Size
  
  225KB
- MD5
  
  9216a182973df6197dcb2af871e415a8
- SHA1
  
  37b06f7689c474bb69cd59ff87855d77a3b09abb
- SHA256
  
  f188787c7e31b66bd9efd5b455cc802f825e3e73b15a48135e73189c65207543
- SHA512
  
  647356e89e3137ee82ee7812a20817dd8a352261c9f3dfb39f71a0065d045e737d7b4212c56821a3da6415bc2f64ed00d3b6f2e3fd60203d3d9761668ef67599
- SSDEEP
  
  6144:nA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:nATuTAnKGwUAW3ycQqgN
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2