Overview

overview

10

Static

static

5

203fa5b045...8N.exe

windows7-x64

10

203fa5b045...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    203fa5b045bcc12dfe50844639897dea253bbbc19a0480d10e6f73eac37323d8N.exe

  • Size

    110KB

  • Sample

    250112-mb3z7syjfw

  • MD5

    26ed580ce355ffd8a6082f9413e74a10

  • SHA1

    c473cd5f724a259318f3beac83a4527e6294349a

  • SHA256

    203fa5b045bcc12dfe50844639897dea253bbbc19a0480d10e6f73eac37323d8

  • SHA512

    c22e85001c4cdae3e4b1c1b8902aa33c6c9aabc46f452e660938837c982ff3a3eab26d15e39960ff22b2d06d78a79ba01341cd06ca3b88bc3c245a0f40373a65

  • SSDEEP

    1536:fiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Ew:fiyvRmDLs/ZrwWJjAqGcRJ2hw

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      203fa5b045bcc12dfe50844639897dea253bbbc19a0480d10e6f73eac37323d8N.exe

    • Size

      110KB

    • MD5

      26ed580ce355ffd8a6082f9413e74a10

    • SHA1

      c473cd5f724a259318f3beac83a4527e6294349a

    • SHA256

      203fa5b045bcc12dfe50844639897dea253bbbc19a0480d10e6f73eac37323d8

    • SHA512

      c22e85001c4cdae3e4b1c1b8902aa33c6c9aabc46f452e660938837c982ff3a3eab26d15e39960ff22b2d06d78a79ba01341cd06ca3b88bc3c245a0f40373a65

    • SSDEEP

      1536:fiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Ew:fiyvRmDLs/ZrwWJjAqGcRJ2hw

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks