tinba | cb75254bce4a4991d5bc9900fad3b54a047a678e8eafece414b5ba17ace936ea | Triage

Sharing

General

Target

cb75254bce4a4991d5bc9900fad3b54a047a678e8eafece414b5ba17ace936ea
Size

225KB
Sample

250115-jt7jkawmgy
MD5

44f7a2df07912fb6252f7376ba75f728
SHA1

d7997dd5ae3a3d34e433f86bf7c81ed7b0625979
SHA256

cb75254bce4a4991d5bc9900fad3b54a047a678e8eafece414b5ba17ace936ea
SHA512

a3886914ab646065d4db1ae104668c0e4defe076c4124d15b80b5d973266b728d0f49902372c8e15e33dd24a16276f2274b4254273207cb5b941ddc4c4c9a478
SSDEEP

6144:zA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:zATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  cb75254bce4a4991d5bc9900fad3b54a047a678e8eafece414b5ba17ace936ea
- Size
  
  225KB
- MD5
  
  44f7a2df07912fb6252f7376ba75f728
- SHA1
  
  d7997dd5ae3a3d34e433f86bf7c81ed7b0625979
- SHA256
  
  cb75254bce4a4991d5bc9900fad3b54a047a678e8eafece414b5ba17ace936ea
- SHA512
  
  a3886914ab646065d4db1ae104668c0e4defe076c4124d15b80b5d973266b728d0f49902372c8e15e33dd24a16276f2274b4254273207cb5b941ddc4c4c9a478
- SSDEEP
  
  6144:zA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:zATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2