Overview

overview

10

Static

static

5

a3ae2da8b8...8N.exe

windows7-x64

10

a3ae2da8b8...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a3ae2da8b8a6321e4d6309c9f9d2cc61cee56bc699ed256cd072e843d879b3a8N.exe

  • Size

    110KB

  • Sample

    250101-2ylrrs1qak

  • MD5

    be1fa59ac3153d4e7b4fcc6953700dc0

  • SHA1

    82c8ff5c72b6c1c667b2bec915c409dae47bfc4b

  • SHA256

    a3ae2da8b8a6321e4d6309c9f9d2cc61cee56bc699ed256cd072e843d879b3a8

  • SHA512

    2fedc61decda2a3efd7c1e18e0c4b0b7783d9147aaa4e0762479b563aee20c575bdccc5238bbf5352dba96da1aef023fd4b9ba28d0e4c73d0d3732fd79d00598

  • SSDEEP

    1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:giyvRmDLs/ZrwWJjAqGcRJ2hA

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      a3ae2da8b8a6321e4d6309c9f9d2cc61cee56bc699ed256cd072e843d879b3a8N.exe

    • Size

      110KB

    • MD5

      be1fa59ac3153d4e7b4fcc6953700dc0

    • SHA1

      82c8ff5c72b6c1c667b2bec915c409dae47bfc4b

    • SHA256

      a3ae2da8b8a6321e4d6309c9f9d2cc61cee56bc699ed256cd072e843d879b3a8

    • SHA512

      2fedc61decda2a3efd7c1e18e0c4b0b7783d9147aaa4e0762479b563aee20c575bdccc5238bbf5352dba96da1aef023fd4b9ba28d0e4c73d0d3732fd79d00598

    • SSDEEP

      1536:giLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:giyvRmDLs/ZrwWJjAqGcRJ2hA

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks