Overview

overview

10

Static

static

5

JaffaCakes...7a.exe

windows7-x64

10

JaffaCakes...7a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_cf6bc6cb00d4876ab0595e3d1c0abe7a

  • Size

    104KB

  • Sample

    250109-xbvc6szkan

  • MD5

    cf6bc6cb00d4876ab0595e3d1c0abe7a

  • SHA1

    62531cd3e741007de0bf25aa6788b230dbebb2d2

  • SHA256

    2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6

  • SHA512

    ca84769f72add111567ac52904a850ba4850597b4eb16988431a24ff602c5cc079c4a847dbd787d3c0f9bfb1a08146aa425b498fbfa8a1ad56dc808d4a6ecf5c

  • SSDEEP

    1536:ID/AwPx+riFFG1l/m3wEeQqjh+rmKVsWiVPsrhSBXUc/z:IDBYnFE2jwqWsWMfXnz

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_cf6bc6cb00d4876ab0595e3d1c0abe7a

    • Size

      104KB

    • MD5

      cf6bc6cb00d4876ab0595e3d1c0abe7a

    • SHA1

      62531cd3e741007de0bf25aa6788b230dbebb2d2

    • SHA256

      2e84832fd9d1c23ffd39778bb91fb6f07751aa11367d47a3e278c6a813376cb6

    • SHA512

      ca84769f72add111567ac52904a850ba4850597b4eb16988431a24ff602c5cc079c4a847dbd787d3c0f9bfb1a08146aa425b498fbfa8a1ad56dc808d4a6ecf5c

    • SSDEEP

      1536:ID/AwPx+riFFG1l/m3wEeQqjh+rmKVsWiVPsrhSBXUc/z:IDBYnFE2jwqWsWMfXnz

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks