General

  • Target

    f02d66643545981b4c13e619793f0fe7_JaffaCakes118

  • Size

    160KB

  • Sample

    241214-xfnfessngj

  • MD5

    f02d66643545981b4c13e619793f0fe7

  • SHA1

    f1b3da179e7e90ce87d17c7bcbe15258ee094769

  • SHA256

    3f4f67c688681f6a62f194856f21f376596697005099a0b4852110024a2f17a6

  • SHA512

    974ea24d870abc212372916bf93fe42d3cf0980db394bb4f4f0ac1dc351433ab068409b2f193d355d5be4e84a11c2f23410a8f1279a49196e6f421a5cdfd511f

  • SSDEEP

    1536:EEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:3Y+4MiIkLZJNAQ9J6v

Targets

    • Target

      f02d66643545981b4c13e619793f0fe7_JaffaCakes118

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Tinba family

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
