Overview

overview

10

Static

static

5

JaffaCakes...9c.exe

windows7-x64

10

JaffaCakes...9c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ef2572da35a341b1dd1f06f7f85cd99c

  • Size

    34KB

  • Sample

    250110-1pcl3a1qbj

  • MD5

    ef2572da35a341b1dd1f06f7f85cd99c

  • SHA1

    68a0ed2400bee714638d435b34e0fa35d343389a

  • SHA256

    05a0d757241855a50f31a3b47da032b5102a787bb91f8fc507d1029335840a81

  • SHA512

    dd35d0f00b6f67823ae2d0242df85b749730c96aad0e90481b328dc18b6c9095ebfa5f74763b3336ed3ad1f572d83cd1822cc036a96fb3a35b5e0f8bde786665

  • SSDEEP

    768:Hp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:HpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_ef2572da35a341b1dd1f06f7f85cd99c

    • Size

      34KB

    • MD5

      ef2572da35a341b1dd1f06f7f85cd99c

    • SHA1

      68a0ed2400bee714638d435b34e0fa35d343389a

    • SHA256

      05a0d757241855a50f31a3b47da032b5102a787bb91f8fc507d1029335840a81

    • SHA512

      dd35d0f00b6f67823ae2d0242df85b749730c96aad0e90481b328dc18b6c9095ebfa5f74763b3336ed3ad1f572d83cd1822cc036a96fb3a35b5e0f8bde786665

    • SSDEEP

      768:Hp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:HpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks