Overview

overview

10

Static

static

5

JaffaCakes...09.exe

windows7-x64

10

JaffaCakes...09.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7a2b5df8a36685ed8d0f5eac9773a509

  • Size

    160KB

  • Sample

    250107-z9x8tsyrcx

  • MD5

    7a2b5df8a36685ed8d0f5eac9773a509

  • SHA1

    e4852d1f9eae91296946c1a26d8aad37936431c0

  • SHA256

    9892dd374ffbc9f2fa0da4a3db54e9f7f6cfb920de03c8fab02bb8f98c339288

  • SHA512

    5dd975b4b9b679fd397cccd8f94c7f51816c281e081b371973a29035986a4f8aee1d06f3e2a6a2be96c4b8e4a1db3669c91395bee033c6a3ffea98b1df2007c6

  • SSDEEP

    1536:TEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:QY+4MiIkLZJNAQ9J6v

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_7a2b5df8a36685ed8d0f5eac9773a509

    • Size

      160KB

    • MD5

      7a2b5df8a36685ed8d0f5eac9773a509

    • SHA1

      e4852d1f9eae91296946c1a26d8aad37936431c0

    • SHA256

      9892dd374ffbc9f2fa0da4a3db54e9f7f6cfb920de03c8fab02bb8f98c339288

    • SHA512

      5dd975b4b9b679fd397cccd8f94c7f51816c281e081b371973a29035986a4f8aee1d06f3e2a6a2be96c4b8e4a1db3669c91395bee033c6a3ffea98b1df2007c6

    • SSDEEP

      1536:TEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:QY+4MiIkLZJNAQ9J6v

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks