Overview

overview

10

Static

static

5

JaffaCakes...14.exe

windows7-x64

10

JaffaCakes...14.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_5212b213a258a4b70fdd22e0f84a2c14

  • Size

    160KB

  • Sample

    250107-gyde6szlhr

  • MD5

    5212b213a258a4b70fdd22e0f84a2c14

  • SHA1

    04a2ab258aee31a18ac7c5ddb0cef68e0a92ee12

  • SHA256

    96b7228a95dd8938ab52b02c747e8cc16fea7b751d90dd5930c8c4fd4595dd4f

  • SHA512

    75410f39a2bd4594cc1392baa5b0c13a767fa81188825be2c41c4965b19aec1802e1198db1b11c640c4861031286ddc369b5a94ae2bf00393c10f5ec3ff3a48d

  • SSDEEP

    1536:REY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:aY+4MiIkLZJNAQ9J6v

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_5212b213a258a4b70fdd22e0f84a2c14

    • Size

      160KB

    • MD5

      5212b213a258a4b70fdd22e0f84a2c14

    • SHA1

      04a2ab258aee31a18ac7c5ddb0cef68e0a92ee12

    • SHA256

      96b7228a95dd8938ab52b02c747e8cc16fea7b751d90dd5930c8c4fd4595dd4f

    • SHA512

      75410f39a2bd4594cc1392baa5b0c13a767fa81188825be2c41c4965b19aec1802e1198db1b11c640c4861031286ddc369b5a94ae2bf00393c10f5ec3ff3a48d

    • SSDEEP

      1536:REY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:aY+4MiIkLZJNAQ9J6v

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks