Overview

overview

10

Static

static

5

f68dd3eb9c...82.exe

windows7-x64

10

f68dd3eb9c...82.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f68dd3eb9c528f859fe2cff7bafbfc8ba1e293a584c467df2fa2250cd5508482.exe

  • Size

    45KB

  • Sample

    241226-vlsk8asjck

  • MD5

    ed0ab63cf542e3695a1aff9b46950ead

  • SHA1

    c833169be7c5d55c5f7f2f99030b92262df32598

  • SHA256

    f68dd3eb9c528f859fe2cff7bafbfc8ba1e293a584c467df2fa2250cd5508482

  • SHA512

    6b3f0d0af349dfcb22b7cac04f3885052dc7b84b49adb0d18bf502acf92f451c529c4db14536ff008164ce75c2eac25f1d0c0a30a5ddcff00d4ae5262c928b87

  • SSDEEP

    768:DhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2f:VsWE9N5dFu53dsniQaB/xZ14n7zIF+qr

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      f68dd3eb9c528f859fe2cff7bafbfc8ba1e293a584c467df2fa2250cd5508482.exe

    • Size

      45KB

    • MD5

      ed0ab63cf542e3695a1aff9b46950ead

    • SHA1

      c833169be7c5d55c5f7f2f99030b92262df32598

    • SHA256

      f68dd3eb9c528f859fe2cff7bafbfc8ba1e293a584c467df2fa2250cd5508482

    • SHA512

      6b3f0d0af349dfcb22b7cac04f3885052dc7b84b49adb0d18bf502acf92f451c529c4db14536ff008164ce75c2eac25f1d0c0a30a5ddcff00d4ae5262c928b87

    • SSDEEP

      768:DhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2f:VsWE9N5dFu53dsniQaB/xZ14n7zIF+qr

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks