Overview

overview

10

Static

static

5

JaffaCakes...19.exe

windows7-x64

10

JaffaCakes...19.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_2ce63674473501bc672e6b73d1806c19

  • Size

    34KB

  • Sample

    250106-tft2essqer

  • MD5

    2ce63674473501bc672e6b73d1806c19

  • SHA1

    820c644359c699bfbd2deb728a9d866e8d6aba5b

  • SHA256

    a28f0016761da369d12f04b4d86cbd2c45178ca6e7f9784036b419f0b8d4e978

  • SHA512

    9052e9c74f533163ce8358a106d3d3366f92ed1fb659eda5baa6d71f29cec7bb680534a094121d5dcde73223c5395b6b2ea301d6ad5f212f56822d33c8244b72

  • SSDEEP

    768:Up22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:UpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_2ce63674473501bc672e6b73d1806c19

    • Size

      34KB

    • MD5

      2ce63674473501bc672e6b73d1806c19

    • SHA1

      820c644359c699bfbd2deb728a9d866e8d6aba5b

    • SHA256

      a28f0016761da369d12f04b4d86cbd2c45178ca6e7f9784036b419f0b8d4e978

    • SHA512

      9052e9c74f533163ce8358a106d3d3366f92ed1fb659eda5baa6d71f29cec7bb680534a094121d5dcde73223c5395b6b2ea301d6ad5f212f56822d33c8244b72

    • SSDEEP

      768:Up22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:UpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks