Overview

overview

10

Static

static

5

550df88ef2...3c.exe

windows7-x64

10

550df88ef2...3c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    550df88ef2c9fb5682f12c3c42eb6653e745f574694cffa4c2912ac225ed9a3c.exe

  • Size

    110KB

  • Sample

    250113-fpeq7szlck

  • MD5

    802c728015f0ba041a380ba223f814b8

  • SHA1

    0b16604a53f827ab8df99545524b6644c603205e

  • SHA256

    550df88ef2c9fb5682f12c3c42eb6653e745f574694cffa4c2912ac225ed9a3c

  • SHA512

    fa6832853f4b31a3ef7cbc7187ca8187041f070cbd095c91c3468971b2ee476c11652196909ad7fab280c992a8619a0101698cf98b5a12b9f9f98c16469ae24a

  • SSDEEP

    1536:MiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:MiyvRmDLs/ZrwWJjAqGcRJ2hQ

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      550df88ef2c9fb5682f12c3c42eb6653e745f574694cffa4c2912ac225ed9a3c.exe

    • Size

      110KB

    • MD5

      802c728015f0ba041a380ba223f814b8

    • SHA1

      0b16604a53f827ab8df99545524b6644c603205e

    • SHA256

      550df88ef2c9fb5682f12c3c42eb6653e745f574694cffa4c2912ac225ed9a3c

    • SHA512

      fa6832853f4b31a3ef7cbc7187ca8187041f070cbd095c91c3468971b2ee476c11652196909ad7fab280c992a8619a0101698cf98b5a12b9f9f98c16469ae24a

    • SSDEEP

      1536:MiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:MiyvRmDLs/ZrwWJjAqGcRJ2hQ

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks