General

  • Target

    82975e6fe5899d4b468a2cce14e33a276a99e635c8d7d8348f851eb2dfa71180.exe

  • Size

    110KB

  • Sample

    241231-r6yfesvpdz

  • MD5

    b697e5ef4a1481680175d0a0de8cad86

  • SHA1

    9243ac847737ee47544131ce826b792d1585aa42

  • SHA256

    82975e6fe5899d4b468a2cce14e33a276a99e635c8d7d8348f851eb2dfa71180

  • SHA512

    2413a6203413b2b9ac5d75fded61eb67ab031329721cb4f048e6cb4affa8c0f8eb402bca82bdcd7f7e119ce095c59ed6dce14bab3fee0d96412834e0fa08fde6

  • SSDEEP

    1536:liLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:liyvRmDLs/ZrwWJjAqGcRJ2hg

Targets

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

    • Tinba family

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
