tinba | 4ba50b28ca89d12540aeb698341f44607748db9da3cf3a84aff0016a7183249e | Triage

Sharing

General

Target

4ba50b28ca89d12540aeb698341f44607748db9da3cf3a84aff0016a7183249e.exe
Size

225KB
Sample

241217-w4wahavpfk
MD5

c39d9d16d2d41ed1cb8637455ff6fc71
SHA1

fc0afb899f5b0704abc30d69333a54c3166940e8
SHA256

4ba50b28ca89d12540aeb698341f44607748db9da3cf3a84aff0016a7183249e
SHA512

d5f99c43a50d21c9b153937eeac00f194403403f91b4c656f9678a23e27038defd9c0549b7ce863cf99a960f31821bb402538c0415236b8234f56c48b7124d0b
SSDEEP

6144:EA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:EATuTAnKGwUAW3ycQqgt

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  4ba50b28ca89d12540aeb698341f44607748db9da3cf3a84aff0016a7183249e.exe
- Size
  
  225KB
- MD5
  
  c39d9d16d2d41ed1cb8637455ff6fc71
- SHA1
  
  fc0afb899f5b0704abc30d69333a54c3166940e8
- SHA256
  
  4ba50b28ca89d12540aeb698341f44607748db9da3cf3a84aff0016a7183249e
- SHA512
  
  d5f99c43a50d21c9b153937eeac00f194403403f91b4c656f9678a23e27038defd9c0549b7ce863cf99a960f31821bb402538c0415236b8234f56c48b7124d0b
- SSDEEP
  
  6144:EA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:EATuTAnKGwUAW3ycQqgt
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2