tinba | b291618cedab53022101f79dd14b6436af986d724c0515317aaabf8b29736a84 | Triage

Sharing

General

Target

JaffaCakes118_0538aabbafbdc672ee29999103d2e646
Size

88KB
Sample

241231-fe24raykfv
MD5

0538aabbafbdc672ee29999103d2e646
SHA1

8321c4c30f3b3a2f23ef37d2a6f800b7b498b9b8
SHA256

b291618cedab53022101f79dd14b6436af986d724c0515317aaabf8b29736a84
SHA512

2838fca01446d06fb4c8ddc7c3763da5487b3328a2fe44693f65797e44d1ea328f3f88d3ef394543ef75a1c491dad91542eb71bc5a672207ab94cd98d31e235d
SSDEEP

1536:x5nfmIpxDWbUfd3aOPmxxEhvgCooXqRQqjh+rmKVsN:x5fvp12UFKcD/6jwqWsN

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_0538aabbafbdc672ee29999103d2e646
- Size
  
  88KB
- MD5
  
  0538aabbafbdc672ee29999103d2e646
- SHA1
  
  8321c4c30f3b3a2f23ef37d2a6f800b7b498b9b8
- SHA256
  
  b291618cedab53022101f79dd14b6436af986d724c0515317aaabf8b29736a84
- SHA512
  
  2838fca01446d06fb4c8ddc7c3763da5487b3328a2fe44693f65797e44d1ea328f3f88d3ef394543ef75a1c491dad91542eb71bc5a672207ab94cd98d31e235d
- SSDEEP
  
  1536:x5nfmIpxDWbUfd3aOPmxxEhvgCooXqRQqjh+rmKVsN:x5fvp12UFKcD/6jwqWsN
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2

tinbabankerdiscoverypersistencetrojan