Overview

overview

10

Static

static

5

JaffaCakes...8a.exe

windows7-x64

10

JaffaCakes...8a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_df72e701cbb32ebaa98c42117415c68a

  • Size

    34KB

  • Sample

    250110-j7xlhsyjf1

  • MD5

    df72e701cbb32ebaa98c42117415c68a

  • SHA1

    ed7089e67b3c021d84586648fd27b4b1c0a4da4a

  • SHA256

    02c7ee3b9e4db89d0d97ae0d43be4f05f13972aaa6adf91f43d4b7d7e9fb8131

  • SHA512

    74a99e2d3321eb719c112badb251c79b012752b974311be2922edaa2d366ac81284f762a822436fb8b3576682b5ba57c84c3e895ac733b8f906f738c1a16d593

  • SSDEEP

    768:wp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:wpYoX58z1uirL98xMWnT0OQ9J2

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_df72e701cbb32ebaa98c42117415c68a

    • Size

      34KB

    • MD5

      df72e701cbb32ebaa98c42117415c68a

    • SHA1

      ed7089e67b3c021d84586648fd27b4b1c0a4da4a

    • SHA256

      02c7ee3b9e4db89d0d97ae0d43be4f05f13972aaa6adf91f43d4b7d7e9fb8131

    • SHA512

      74a99e2d3321eb719c112badb251c79b012752b974311be2922edaa2d366ac81284f762a822436fb8b3576682b5ba57c84c3e895ac733b8f906f738c1a16d593

    • SSDEEP

      768:wp22qWFcy5XQ7lO41uirwA98p3MpkNBxd0cJWV6dy/x9J2:wpYoX58z1uirL98xMWnT0OQ9J2

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks