General
-
Target
78d8798321d584cc4ddae211cee8e580e69d3b488b8a1766cc0c2a74d5fc85c1.exe
-
Size
45KB
-
Sample
250101-a5daeszren
-
MD5
684af18f6e2d31560c806ddef68d6251
-
SHA1
325833769314cfae1d6eec3549dcee6ce66edd9f
-
SHA256
78d8798321d584cc4ddae211cee8e580e69d3b488b8a1766cc0c2a74d5fc85c1
-
SHA512
3efbf913b149455133bb831bf288959b5af3bfe663eaf078e1e2a744ddc5d457e89c371f5e8f10c2e1c09f139bbe7dd3017fd8565132a87c625f06daa74b1d85
-
SSDEEP
768:qhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2X:GsWE9N5dFu53dsniQaB/xZ14n7zIF+qD
Malware Config
Targets
-
-
Target
78d8798321d584cc4ddae211cee8e580e69d3b488b8a1766cc0c2a74d5fc85c1.exe
-
Size
45KB
-
MD5
684af18f6e2d31560c806ddef68d6251
-
SHA1
325833769314cfae1d6eec3549dcee6ce66edd9f
-
SHA256
78d8798321d584cc4ddae211cee8e580e69d3b488b8a1766cc0c2a74d5fc85c1
-
SHA512
3efbf913b149455133bb831bf288959b5af3bfe663eaf078e1e2a744ddc5d457e89c371f5e8f10c2e1c09f139bbe7dd3017fd8565132a87c625f06daa74b1d85
-
SSDEEP
768:qhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2X:GsWE9N5dFu53dsniQaB/xZ14n7zIF+qD
Score10/10-
Tinba / TinyBanker
Banking trojan which uses packet sniffing to steal data.
-
Tinba family
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1