tinba | 5be44299a01685a93250c2fd18dfeb0b7c3a54730995ef0790bbddd38154c223 | Triage

Sharing

General

Target

5be44299a01685a93250c2fd18dfeb0b7c3a54730995ef0790bbddd38154c223.exe
Size

610KB
Sample

241219-dcppjatqcw
MD5

fff9efe6daf010b9e2497fbb0de072cf
SHA1

b11a8b7e4fe53176934630c874bd9f4537896692
SHA256

5be44299a01685a93250c2fd18dfeb0b7c3a54730995ef0790bbddd38154c223
SHA512

5be08cb26d63a0ce76b1e58bd7e9bc38b64ebe8a53943ebfc0fefa451ebb23fcf3e4073ed3c47c79d116091948aad12554b11d6a51249f8bde509c40c8fe7ba5
SSDEEP

12288:UATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:KT+KjUdQqboyyWoK1NGqzuhz

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  5be44299a01685a93250c2fd18dfeb0b7c3a54730995ef0790bbddd38154c223.exe
- Size
  
  610KB
- MD5
  
  fff9efe6daf010b9e2497fbb0de072cf
- SHA1
  
  b11a8b7e4fe53176934630c874bd9f4537896692
- SHA256
  
  5be44299a01685a93250c2fd18dfeb0b7c3a54730995ef0790bbddd38154c223
- SHA512
  
  5be08cb26d63a0ce76b1e58bd7e9bc38b64ebe8a53943ebfc0fefa451ebb23fcf3e4073ed3c47c79d116091948aad12554b11d6a51249f8bde509c40c8fe7ba5
- SSDEEP
  
  12288:UATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:KT+KjUdQqboyyWoK1NGqzuhz
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2