tinba | 13823bf47a7a5698cb09288a0652a6433267ca5178645e9e0e875e8e5ce0365c | Triage

Sharing

General

Target

13823bf47a7a5698cb09288a0652a6433267ca5178645e9e0e875e8e5ce0365cN.exe
Size

225KB
Sample

241216-m8hersyngk
MD5

24e544664a4517e54984b688ceeb7ee0
SHA1

d4d74bde5f67ea1af7b670cc79ccdfa27b728bc8
SHA256

13823bf47a7a5698cb09288a0652a6433267ca5178645e9e0e875e8e5ce0365c
SHA512

34da12df40bf35584acd7b6b461b1d7fb9bdce9df6f9ab10c102c67f29126ffe34146acc76bed48841e808f3b978d4ad85182e5b118be575232a14d90b2dbed1
SSDEEP

6144:xA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:xATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  13823bf47a7a5698cb09288a0652a6433267ca5178645e9e0e875e8e5ce0365cN.exe
- Size
  
  225KB
- MD5
  
  24e544664a4517e54984b688ceeb7ee0
- SHA1
  
  d4d74bde5f67ea1af7b670cc79ccdfa27b728bc8
- SHA256
  
  13823bf47a7a5698cb09288a0652a6433267ca5178645e9e0e875e8e5ce0365c
- SHA512
  
  34da12df40bf35584acd7b6b461b1d7fb9bdce9df6f9ab10c102c67f29126ffe34146acc76bed48841e808f3b978d4ad85182e5b118be575232a14d90b2dbed1
- SSDEEP
  
  6144:xA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:xATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2