Overview

overview

10

Static

static

5

3cdb3043f8...8N.exe

windows7-x64

10

3cdb3043f8...8N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cdb3043f85f8466f2df2dc19b405571a0ba0f48d3f0f10813d79dfd07db3798N

  • Size

    45KB

  • Sample

    250113-lxen3axnfs

  • MD5

    78ee2e2c78c01117c8998d34320086a0

  • SHA1

    156cd312f1245c72725c34783605f423e92b0d3d

  • SHA256

    3cdb3043f85f8466f2df2dc19b405571a0ba0f48d3f0f10813d79dfd07db3798

  • SHA512

    c787b48355cfa14691edfa0f566563f2b50c77ae3ee26522262dba4362bc672ffbfdd9c9059b7d2d4fe0e24e0c2a446b1f8485ae70006d79cc111c7acacd7c62

  • SSDEEP

    768:EhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ23:osWE9N5dFu53dsniQaB/xZ14n7zIF+qj

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      3cdb3043f85f8466f2df2dc19b405571a0ba0f48d3f0f10813d79dfd07db3798N

    • Size

      45KB

    • MD5

      78ee2e2c78c01117c8998d34320086a0

    • SHA1

      156cd312f1245c72725c34783605f423e92b0d3d

    • SHA256

      3cdb3043f85f8466f2df2dc19b405571a0ba0f48d3f0f10813d79dfd07db3798

    • SHA512

      c787b48355cfa14691edfa0f566563f2b50c77ae3ee26522262dba4362bc672ffbfdd9c9059b7d2d4fe0e24e0c2a446b1f8485ae70006d79cc111c7acacd7c62

    • SSDEEP

      768:EhP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ23:osWE9N5dFu53dsniQaB/xZ14n7zIF+qj

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks