Overview

overview

10

Static

static

5

JaffaCakes...1e.exe

windows7-x64

10

JaffaCakes...1e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6a324668cbcf97dd3639e7f399085c1e

  • Size

    89KB

  • Sample

    250107-smt5bswngz

  • MD5

    6a324668cbcf97dd3639e7f399085c1e

  • SHA1

    8258aebe68c1f858333d51b3ad3af3ef5d3dd6db

  • SHA256

    7ba3ccdf872fb9decbfe877348b9ad62b30917326de144034ebf4b3fe71f0f31

  • SHA512

    5d1d9f2474cd770296f8112d64d5fe5e10d50d669da64abfc200cbd4393cf2e1ace67e6a5ade3da78bcd7373e87d22420dec83202702538ec66025fcfc7961b7

  • SSDEEP

    1536:vr+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7e:T+4MJIkLZJNAQ9Jo9e

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_6a324668cbcf97dd3639e7f399085c1e

    • Size

      89KB

    • MD5

      6a324668cbcf97dd3639e7f399085c1e

    • SHA1

      8258aebe68c1f858333d51b3ad3af3ef5d3dd6db

    • SHA256

      7ba3ccdf872fb9decbfe877348b9ad62b30917326de144034ebf4b3fe71f0f31

    • SHA512

      5d1d9f2474cd770296f8112d64d5fe5e10d50d669da64abfc200cbd4393cf2e1ace67e6a5ade3da78bcd7373e87d22420dec83202702538ec66025fcfc7961b7

    • SSDEEP

      1536:vr+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7e:T+4MJIkLZJNAQ9Jo9e

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks