tinba | cbde0c5465351c56a6e1207644ba8492f9d3aba48ab2c1437a71678c1fcdce36 | Triage

Sharing

General

Target

cbde0c5465351c56a6e1207644ba8492f9d3aba48ab2c1437a71678c1fcdce36
Size

610KB
Sample

241223-dtt1ksvme1
MD5

2ff4b1d87104bbf121a5c3f5e81e0c4f
SHA1

8b3033b8b6db2f77e440d92667442371ab4fceee
SHA256

cbde0c5465351c56a6e1207644ba8492f9d3aba48ab2c1437a71678c1fcdce36
SHA512

ea3f3c0fef8e3b64a79a183ccb0a1af72bde6dae7fa99870a9f044df45a16c5ade089e8387f2280e6858f42ad88b3613b0f6cb97f24e56ffa5482decd9d470e8
SSDEEP

12288:BATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:jT+KjUdQqboyyWoK1NGqzuhz

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  cbde0c5465351c56a6e1207644ba8492f9d3aba48ab2c1437a71678c1fcdce36
- Size
  
  610KB
- MD5
  
  2ff4b1d87104bbf121a5c3f5e81e0c4f
- SHA1
  
  8b3033b8b6db2f77e440d92667442371ab4fceee
- SHA256
  
  cbde0c5465351c56a6e1207644ba8492f9d3aba48ab2c1437a71678c1fcdce36
- SHA512
  
  ea3f3c0fef8e3b64a79a183ccb0a1af72bde6dae7fa99870a9f044df45a16c5ade089e8387f2280e6858f42ad88b3613b0f6cb97f24e56ffa5482decd9d470e8
- SSDEEP
  
  12288:BATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+c:jT+KjUdQqboyyWoK1NGqzuhz
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2