Overview

overview

10

Static

static

5

JaffaCakes...97.exe

windows7-x64

10

JaffaCakes...97.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3d58c01552f7aa46c3488c1d3f6aa097

  • Size

    34KB

  • Sample

    241231-25grdswrbn

  • MD5

    3d58c01552f7aa46c3488c1d3f6aa097

  • SHA1

    75c6573f16141d494d19804083bb97883b24be40

  • SHA256

    58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d

  • SHA512

    34e0b02d1190cde03d09f5ba5e2d9d78169202f9c361376932226081f37246d4910b4ea9d79a3940e68b4aa9f0a2b390b45b47ef110d96b2d119d78d882b7936

  • SSDEEP

    768:pp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:ppYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_3d58c01552f7aa46c3488c1d3f6aa097

    • Size

      34KB

    • MD5

      3d58c01552f7aa46c3488c1d3f6aa097

    • SHA1

      75c6573f16141d494d19804083bb97883b24be40

    • SHA256

      58a5c3da58ba1fe901146c4ff7cf5b8008b5d9b1422669bb345c1d10428ca77d

    • SHA512

      34e0b02d1190cde03d09f5ba5e2d9d78169202f9c361376932226081f37246d4910b4ea9d79a3940e68b4aa9f0a2b390b45b47ef110d96b2d119d78d882b7936

    • SSDEEP

      768:pp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:ppYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks