Overview

overview

10

Static

static

5

JaffaCakes...41.exe

windows7-x64

10

JaffaCakes...41.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_673e4ddecf084e93223532306d615c41

  • Size

    160KB

  • Sample

    250102-w3w6ea1kbx

  • MD5

    673e4ddecf084e93223532306d615c41

  • SHA1

    5a7d1853a8bef9e993e87898c3d7938df10304ee

  • SHA256

    26c90122e896f9e48e2a319572cfaaba38af7570c5299d4d7ddc4e12a0fb95dc

  • SHA512

    875e4dc46258ca0d2013c8d795ed469573662551fbf45525f275d0fc386d3b6891f8f7e89fbb53adbd5f2d16079622b7de1ceb6066fc437ded8e9915c29bbd8f

  • SSDEEP

    1536:kEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:XY+4MiIkLZJNAQ9J6v

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_673e4ddecf084e93223532306d615c41

    • Size

      160KB

    • MD5

      673e4ddecf084e93223532306d615c41

    • SHA1

      5a7d1853a8bef9e993e87898c3d7938df10304ee

    • SHA256

      26c90122e896f9e48e2a319572cfaaba38af7570c5299d4d7ddc4e12a0fb95dc

    • SHA512

      875e4dc46258ca0d2013c8d795ed469573662551fbf45525f275d0fc386d3b6891f8f7e89fbb53adbd5f2d16079622b7de1ceb6066fc437ded8e9915c29bbd8f

    • SSDEEP

      1536:kEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:XY+4MiIkLZJNAQ9J6v

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks