General

  • Target

    f1e40984f0cecb894d5037c4598afa74_JaffaCakes118

  • Size

    160KB

  • Sample

    241215-c2rdzs1qcv

  • MD5

    f1e40984f0cecb894d5037c4598afa74

  • SHA1

    4e82eba824c6c7031ee6755144bea928b696ee76

  • SHA256

    b86c41be01a05a3b6be6f98799e7362e21c5c87565e67a52daa6335d4c7084a8

  • SHA512

    cefae525735ed361604de44a7a5ff81ad412357e0267aef4fa3cfb7ed91f7d217a5e8fc7fa6dfac37996a22870e9903c7e4a3b9a3d708bc679be97f16f20aa0c

  • SSDEEP

    1536:eEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:VY+4MiIkLZJNAQ9J6v

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Tinba family

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
