Overview

overview

10

Static

static

3

b5f67b32c0...47.exe

windows7-x64

10

b5f67b32c0...47.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b5f67b32c02c9034f0a92992be773609d1f84194491659a9137381344b094847.exe

  • Size

    104KB

  • Sample

    241226-tjf9qszlfz

  • MD5

    74a0d2e995e70af7b0e01fd471c86a16

  • SHA1

    723e0af3468eba5a70e407960ec2da92ef9e27ba

  • SHA256

    b5f67b32c02c9034f0a92992be773609d1f84194491659a9137381344b094847

  • SHA512

    8ab82f407297381231d1963f2134c8602d7d76841323d159c402a6408f4d85a7356645258cf55e101ef4f794dd32d96637cd5207f6077d6e75dd2f5b7a4b8d15

  • SSDEEP

    1536:81GNlcMPNOdcrnSIkh6SwQm4PmakHFdXo1+sL44CYoBh37cGv5GTxt:2DMPQIkub4ua6FNoYxTXBh3n2xt

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      b5f67b32c02c9034f0a92992be773609d1f84194491659a9137381344b094847.exe

    • Size

      104KB

    • MD5

      74a0d2e995e70af7b0e01fd471c86a16

    • SHA1

      723e0af3468eba5a70e407960ec2da92ef9e27ba

    • SHA256

      b5f67b32c02c9034f0a92992be773609d1f84194491659a9137381344b094847

    • SHA512

      8ab82f407297381231d1963f2134c8602d7d76841323d159c402a6408f4d85a7356645258cf55e101ef4f794dd32d96637cd5207f6077d6e75dd2f5b7a4b8d15

    • SSDEEP

      1536:81GNlcMPNOdcrnSIkh6SwQm4PmakHFdXo1+sL44CYoBh37cGv5GTxt:2DMPQIkub4ua6FNoYxTXBh3n2xt

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks