tinba | d2eabadab735de071a0ce68885eb056bcd0e745f11b782312e74f5901694f96a | Triage

Sharing

General

Target

d2eabadab735de071a0ce68885eb056bcd0e745f11b782312e74f5901694f96a
Size

225KB
Sample

241219-e6am5syjhz
MD5

7d4e60d51e2527a19aa02448ae654156
SHA1

8dd08d3541b0f5e6fd36071eefd2f5915b5ae035
SHA256

d2eabadab735de071a0ce68885eb056bcd0e745f11b782312e74f5901694f96a
SHA512

9d6b688076acf38bcd6af7c0a1e3291e900595aadc91e7dec582136f7b5abcc21a80e52fb077e3e9e27961b4ca0eef4ad1a6978b679e4d13d2e57a91937d90be
SSDEEP

6144:/A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:/ATuTAnKGwUAW3ycQqgd

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  d2eabadab735de071a0ce68885eb056bcd0e745f11b782312e74f5901694f96a
- Size
  
  225KB
- MD5
  
  7d4e60d51e2527a19aa02448ae654156
- SHA1
  
  8dd08d3541b0f5e6fd36071eefd2f5915b5ae035
- SHA256
  
  d2eabadab735de071a0ce68885eb056bcd0e745f11b782312e74f5901694f96a
- SHA512
  
  9d6b688076acf38bcd6af7c0a1e3291e900595aadc91e7dec582136f7b5abcc21a80e52fb077e3e9e27961b4ca0eef4ad1a6978b679e4d13d2e57a91937d90be
- SSDEEP
  
  6144:/A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:/ATuTAnKGwUAW3ycQqgd
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2