tinba | 913dfcee5125676a394748b6f5fc2b5f570c4894beaf71c1944fd5d29a026067 | Triage

Sharing

General

Target

913dfcee5125676a394748b6f5fc2b5f570c4894beaf71c1944fd5d29a026067N.exe
Size

610KB
Sample

241216-ewpdjsvqbl
MD5

305584a0ef468e6467001ea03f0b1d20
SHA1

1048a124a5a1dc36ca01bbe164f9220cafcd90bc
SHA256

913dfcee5125676a394748b6f5fc2b5f570c4894beaf71c1944fd5d29a026067
SHA512

dd260a7a005069a11d61853ad31e6f7979b7ee39b750080aef56e48cda8f0e24766408ac546e8ee7f2b0af62ed6c5c45e1d7887b1f0f29277f3fe50217fc88f4
SSDEEP

12288:XATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:dT+KjUdQqboyyWoK1NGqzuhj

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  913dfcee5125676a394748b6f5fc2b5f570c4894beaf71c1944fd5d29a026067N.exe
- Size
  
  610KB
- MD5
  
  305584a0ef468e6467001ea03f0b1d20
- SHA1
  
  1048a124a5a1dc36ca01bbe164f9220cafcd90bc
- SHA256
  
  913dfcee5125676a394748b6f5fc2b5f570c4894beaf71c1944fd5d29a026067
- SHA512
  
  dd260a7a005069a11d61853ad31e6f7979b7ee39b750080aef56e48cda8f0e24766408ac546e8ee7f2b0af62ed6c5c45e1d7887b1f0f29277f3fe50217fc88f4
- SSDEEP
  
  12288:XATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:dT+KjUdQqboyyWoK1NGqzuhj
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2