tinba | 2d8c68a7931e2f75d11ea87a6a944cf170265d0a08f9a04b728bfc9920999077 | Triage

Sharing

General

Target

2d8c68a7931e2f75d11ea87a6a944cf170265d0a08f9a04b728bfc9920999077
Size

610KB
Sample

241226-zqhzsszlbv
MD5

f88a511b24b10d119d38a1e762ba9113
SHA1

6f3b62166726683cb36cb65173f809de85483dce
SHA256

2d8c68a7931e2f75d11ea87a6a944cf170265d0a08f9a04b728bfc9920999077
SHA512

30f0602fffe999095490e4dafc82797c3f8395227166b3f47e98cbea3e22bc5b40c388bf40b6ac2c64d46d19f5b4deee9fafee4b03ab2c11d639b875d3494e4f
SSDEEP

12288:cATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+E:yT+KjUdQqboyyWoK1NGqzuhh

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  2d8c68a7931e2f75d11ea87a6a944cf170265d0a08f9a04b728bfc9920999077
- Size
  
  610KB
- MD5
  
  f88a511b24b10d119d38a1e762ba9113
- SHA1
  
  6f3b62166726683cb36cb65173f809de85483dce
- SHA256
  
  2d8c68a7931e2f75d11ea87a6a944cf170265d0a08f9a04b728bfc9920999077
- SHA512
  
  30f0602fffe999095490e4dafc82797c3f8395227166b3f47e98cbea3e22bc5b40c388bf40b6ac2c64d46d19f5b4deee9fafee4b03ab2c11d639b875d3494e4f
- SSDEEP
  
  12288:cATuTAnKGwUAW3ycQqgYo3CyWoKEY3ZQi7gfqOuuh+E:yT+KjUdQqboyyWoK1NGqzuhh
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2