tinba | 45f5b745326bc8c4148fcfeb7be7bfb8ba4c9ef3fad369702c3ddd671cabe64d | Triage

Sharing

General

Target

45f5b745326bc8c4148fcfeb7be7bfb8ba4c9ef3fad369702c3ddd671cabe64dN.exe
Size

104KB
Sample

241225-wd6csa1mgj
MD5

cc6199fe4b68180833685013074306a0
SHA1

97ace1895c7c2f7fb38bfc85fe066dcbd003e966
SHA256

45f5b745326bc8c4148fcfeb7be7bfb8ba4c9ef3fad369702c3ddd671cabe64d
SHA512

0738c59a0068c75cc1395656fcb12c28f82e72a89e97f3fc8795f68355bedfc99a943a26a6a5704071994f1ed1e0c6e11b9962621db02b9ff934cd4c0bf10eca
SSDEEP

1536:81GNlcMPNOdcrnSIkh6SwQm4PmakHFdXo1+sL44CYoBh37cGv5GTx3:2DMPQIkub4ua6FNoYxTXBh3n2x3

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  45f5b745326bc8c4148fcfeb7be7bfb8ba4c9ef3fad369702c3ddd671cabe64dN.exe
- Size
  
  104KB
- MD5
  
  cc6199fe4b68180833685013074306a0
- SHA1
  
  97ace1895c7c2f7fb38bfc85fe066dcbd003e966
- SHA256
  
  45f5b745326bc8c4148fcfeb7be7bfb8ba4c9ef3fad369702c3ddd671cabe64d
- SHA512
  
  0738c59a0068c75cc1395656fcb12c28f82e72a89e97f3fc8795f68355bedfc99a943a26a6a5704071994f1ed1e0c6e11b9962621db02b9ff934cd4c0bf10eca
- SSDEEP
  
  1536:81GNlcMPNOdcrnSIkh6SwQm4PmakHFdXo1+sL44CYoBh37cGv5GTx3:2DMPQIkub4ua6FNoYxTXBh3n2x3
Score

10^/10

discovery tinba banker persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

tinbabankerdiscoverypersistencetrojan