tinba | 1210fcd613a91ce37572af5a12f4175fbfd4d1f38b7799151997b20619d94a92 | Triage

Sharing

General

Target

1210fcd613a91ce37572af5a12f4175fbfd4d1f38b7799151997b20619d94a92.exe
Size

225KB
Sample

250101-19jk4sznam
MD5

2da4c570a78f9d8d84318e44a92fd665
SHA1

494438901dc0e5697f65fb90a645f15dccd3a260
SHA256

1210fcd613a91ce37572af5a12f4175fbfd4d1f38b7799151997b20619d94a92
SHA512

46b5e63e45ae9365b3e770428f8223f7579964008f70b7d4b17f853f6f91ffdb7bcd24cac962a2825dc5de3755ad3ad75c3eaf841d8d8146d3f5887f87a750d0
SSDEEP

6144:lA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:lATuTAnKGwUAW3ycQqg3

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  1210fcd613a91ce37572af5a12f4175fbfd4d1f38b7799151997b20619d94a92.exe
- Size
  
  225KB
- MD5
  
  2da4c570a78f9d8d84318e44a92fd665
- SHA1
  
  494438901dc0e5697f65fb90a645f15dccd3a260
- SHA256
  
  1210fcd613a91ce37572af5a12f4175fbfd4d1f38b7799151997b20619d94a92
- SHA512
  
  46b5e63e45ae9365b3e770428f8223f7579964008f70b7d4b17f853f6f91ffdb7bcd24cac962a2825dc5de3755ad3ad75c3eaf841d8d8146d3f5887f87a750d0
- SSDEEP
  
  6144:lA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:lATuTAnKGwUAW3ycQqg3
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2