Overview

overview

10

Static

static

5

JaffaCakes...a0.exe

windows7-x64

10

JaffaCakes...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8de997ffe6cf67c888a324c8d7b160a0

  • Size

    89KB

  • Sample

    250105-fzg93svpgm

  • MD5

    8de997ffe6cf67c888a324c8d7b160a0

  • SHA1

    e69a08371234330518a865c225f99c6a6c1bf391

  • SHA256

    4c5d42035c6e7c5830564abd41daf52640393333c210d111b2039a1db80d696a

  • SHA512

    bd4990350e00a9d7f21f2a46fa55e0a0b8ab07e20634e99dbd36c63becb23b10d1ce7676a0f45e75f26811ab765cd4f051d292309da3c4cf14331b64c92d843d

  • SSDEEP

    1536:Cr+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7e:k+4MJIkLZJNAQ9Jo9e

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_8de997ffe6cf67c888a324c8d7b160a0

    • Size

      89KB

    • MD5

      8de997ffe6cf67c888a324c8d7b160a0

    • SHA1

      e69a08371234330518a865c225f99c6a6c1bf391

    • SHA256

      4c5d42035c6e7c5830564abd41daf52640393333c210d111b2039a1db80d696a

    • SHA512

      bd4990350e00a9d7f21f2a46fa55e0a0b8ab07e20634e99dbd36c63becb23b10d1ce7676a0f45e75f26811ab765cd4f051d292309da3c4cf14331b64c92d843d

    • SSDEEP

      1536:Cr+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7e:k+4MJIkLZJNAQ9Jo9e

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks