tinba | caacd9abf0af060124a9e71c9a940fa216b87d07517dbc33455522096a3cbe38 | Triage

Sharing

General

Target

caacd9abf0af060124a9e71c9a940fa216b87d07517dbc33455522096a3cbe38N.exe
Size

225KB
Sample

241226-p3gx6awket
MD5

95b325e592433f1c06a268885f7958d0
SHA1

5e09f94c8a7ad56f6a2e5b1f5241e076e3995d8c
SHA256

caacd9abf0af060124a9e71c9a940fa216b87d07517dbc33455522096a3cbe38
SHA512

f2304d6c81062cab06d1ed2617c238f80d83ad7ce69219a5aaf2533ac883cf84d805c2cd24d292bf6e4f492693d7375ffd49c02c229c7445c116692db58d4bd1
SSDEEP

6144:XA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:XATuTAnKGwUAW3ycQqg1

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  caacd9abf0af060124a9e71c9a940fa216b87d07517dbc33455522096a3cbe38N.exe
- Size
  
  225KB
- MD5
  
  95b325e592433f1c06a268885f7958d0
- SHA1
  
  5e09f94c8a7ad56f6a2e5b1f5241e076e3995d8c
- SHA256
  
  caacd9abf0af060124a9e71c9a940fa216b87d07517dbc33455522096a3cbe38
- SHA512
  
  f2304d6c81062cab06d1ed2617c238f80d83ad7ce69219a5aaf2533ac883cf84d805c2cd24d292bf6e4f492693d7375ffd49c02c229c7445c116692db58d4bd1
- SSDEEP
  
  6144:XA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:XATuTAnKGwUAW3ycQqg1
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2