tinba | ea9850669e964bac88a1f10aff37c039a00774443df40d45753e9c692ef90663 | Triage

Sharing

General

Target

ea9850669e964bac88a1f10aff37c039a00774443df40d45753e9c692ef90663
Size

225KB
Sample

241217-ex4jvs1pbj
MD5

f7c530b83d8b1a0d029861f4b3bb97f4
SHA1

d76b31ae643e49bdb9896a4db8a157d0a863d329
SHA256

ea9850669e964bac88a1f10aff37c039a00774443df40d45753e9c692ef90663
SHA512

9357a487efdf9e0011c5f00808d19211393deb1c3f78f44da4a89f890e9cbbf1225d642a01503067a5ae94e334975dd292e4373507696a2e91d2b5816c48dcff
SSDEEP

6144:tA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:tATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  ea9850669e964bac88a1f10aff37c039a00774443df40d45753e9c692ef90663
- Size
  
  225KB
- MD5
  
  f7c530b83d8b1a0d029861f4b3bb97f4
- SHA1
  
  d76b31ae643e49bdb9896a4db8a157d0a863d329
- SHA256
  
  ea9850669e964bac88a1f10aff37c039a00774443df40d45753e9c692ef90663
- SHA512
  
  9357a487efdf9e0011c5f00808d19211393deb1c3f78f44da4a89f890e9cbbf1225d642a01503067a5ae94e334975dd292e4373507696a2e91d2b5816c48dcff
- SSDEEP
  
  6144:tA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:tATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2