Overview

overview

10

Static

static

5

32226d010b...dN.exe

windows7-x64

10

32226d010b...dN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32226d010bfeff26a8aeddd66a33c8c29a4f4571d2bcee37f51f586b0a78100dN.exe

  • Size

    89KB

  • Sample

    250108-r9be3awqbq

  • MD5

    65e7024f57d958992852cf9fedc8b800

  • SHA1

    5fcf85af3b35eb0a4cfdeafdeea623e01dd29784

  • SHA256

    32226d010bfeff26a8aeddd66a33c8c29a4f4571d2bcee37f51f586b0a78100d

  • SHA512

    e8612e1cb047349aa9f4d1df1352e362f2a1c5476bda7aae0d4fe6ec2eaaee5fdcb7604a9e284e59ecb9ff6cc7d562d860d7dd919c35dd60c0cdf21aba83cbc5

  • SSDEEP

    1536:r1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7a:B+4MJIkLZJNAQ9Jo9a

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      32226d010bfeff26a8aeddd66a33c8c29a4f4571d2bcee37f51f586b0a78100dN.exe

    • Size

      89KB

    • MD5

      65e7024f57d958992852cf9fedc8b800

    • SHA1

      5fcf85af3b35eb0a4cfdeafdeea623e01dd29784

    • SHA256

      32226d010bfeff26a8aeddd66a33c8c29a4f4571d2bcee37f51f586b0a78100d

    • SHA512

      e8612e1cb047349aa9f4d1df1352e362f2a1c5476bda7aae0d4fe6ec2eaaee5fdcb7604a9e284e59ecb9ff6cc7d562d860d7dd919c35dd60c0cdf21aba83cbc5

    • SSDEEP

      1536:r1+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7a:B+4MJIkLZJNAQ9Jo9a

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks