tinba | cd2efa6f26b8000165dba11fc15f202feed00b824e889c671424a438807489f3 | Triage

Sharing

General

Target

cd2efa6f26b8000165dba11fc15f202feed00b824e889c671424a438807489f3N.exe
Size

610KB
Sample

241220-exhmdszpfl
MD5

73458ce2dc85bb3b5fd1d66af4a7ff50
SHA1

09afcb3a1d923515706386220dc249ae095c7c34
SHA256

cd2efa6f26b8000165dba11fc15f202feed00b824e889c671424a438807489f3
SHA512

28bac93b26e4bf9b7f530b3798fef08403fb27bba6bb1e09dc89f8b8248576e79fd4935a6aaf191ed5270abef2c1fade6e6f46ac222d91640de510e74520e2ce
SSDEEP

12288:PATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:VT+KjUdQqboyyWoK1NGqzuhb

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  cd2efa6f26b8000165dba11fc15f202feed00b824e889c671424a438807489f3N.exe
- Size
  
  610KB
- MD5
  
  73458ce2dc85bb3b5fd1d66af4a7ff50
- SHA1
  
  09afcb3a1d923515706386220dc249ae095c7c34
- SHA256
  
  cd2efa6f26b8000165dba11fc15f202feed00b824e889c671424a438807489f3
- SHA512
  
  28bac93b26e4bf9b7f530b3798fef08403fb27bba6bb1e09dc89f8b8248576e79fd4935a6aaf191ed5270abef2c1fade6e6f46ac222d91640de510e74520e2ce
- SSDEEP
  
  12288:PATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:VT+KjUdQqboyyWoK1NGqzuhb
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2