Overview

overview

10

Static

static

5

JaffaCakes...e7.exe

windows7-x64

10

JaffaCakes...e7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_684b6209b8ca11659ee38adb779c04e7

  • Size

    160KB

  • Sample

    250107-rvb32swrfr

  • MD5

    684b6209b8ca11659ee38adb779c04e7

  • SHA1

    f2e025b16a3aa839967563f57aac8c8678551cb7

  • SHA256

    685f9989c1e6e50d48238c4cd0c6dfafdf9a7ecbdb64ba9359bca6a240e4eb53

  • SHA512

    e97224e65226fe58929137d014aecf631f54ef148106a96eb21cd55fce61ca73710d7d6f4e8ce3d4af682737ec7cc48a608f8812d6f83757bbcd3e6d8bb65767

  • SSDEEP

    1536:PEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:8Y+4MiIkLZJNAQ9J6v

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_684b6209b8ca11659ee38adb779c04e7

    • Size

      160KB

    • MD5

      684b6209b8ca11659ee38adb779c04e7

    • SHA1

      f2e025b16a3aa839967563f57aac8c8678551cb7

    • SHA256

      685f9989c1e6e50d48238c4cd0c6dfafdf9a7ecbdb64ba9359bca6a240e4eb53

    • SHA512

      e97224e65226fe58929137d014aecf631f54ef148106a96eb21cd55fce61ca73710d7d6f4e8ce3d4af682737ec7cc48a608f8812d6f83757bbcd3e6d8bb65767

    • SSDEEP

      1536:PEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:8Y+4MiIkLZJNAQ9J6v

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks