Overview

overview

10

Static

static

5

0c1738c8e8...20.exe

windows7-x64

10

0c1738c8e8...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0c1738c8e87d403096c5137a67fb66bc6bbf19d5dbaf18028b3b5ab8dd6cdb20.exe

  • Size

    146KB

  • Sample

    241230-r75wwszphv

  • MD5

    7253a5dfc99934f965bb0aef560c9f2a

  • SHA1

    0146b5fff483768f653e1171444b11dccdb58640

  • SHA256

    0c1738c8e87d403096c5137a67fb66bc6bbf19d5dbaf18028b3b5ab8dd6cdb20

  • SHA512

    be5eee4d1351fa77981df1019a01cb19301c11418470c151bc7f7ed1c1dbe32f7974bfe66eba79065c806a8ac35226e2c4e1745de7e1f722813673fc6ce57b8f

  • SSDEEP

    1536:miLOvRmmQegJ3BbmAQ256/ZrwWnL8SOV7CW2YqjhOrmK6o8v0EL:miyvRmbLs/ZrwWL/OV7GjQqpo8lL

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      0c1738c8e87d403096c5137a67fb66bc6bbf19d5dbaf18028b3b5ab8dd6cdb20.exe

    • Size

      146KB

    • MD5

      7253a5dfc99934f965bb0aef560c9f2a

    • SHA1

      0146b5fff483768f653e1171444b11dccdb58640

    • SHA256

      0c1738c8e87d403096c5137a67fb66bc6bbf19d5dbaf18028b3b5ab8dd6cdb20

    • SHA512

      be5eee4d1351fa77981df1019a01cb19301c11418470c151bc7f7ed1c1dbe32f7974bfe66eba79065c806a8ac35226e2c4e1745de7e1f722813673fc6ce57b8f

    • SSDEEP

      1536:miLOvRmmQegJ3BbmAQ256/ZrwWnL8SOV7CW2YqjhOrmK6o8v0EL:miyvRmbLs/ZrwWL/OV7GjQqpo8lL

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks