Overview

overview

10

Static

static

5

6117db50ab...37.exe

windows7-x64

10

6117db50ab...37.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6117db50abd6bfbccdd5c70b149c42e052fd3df70700103611a846a6ba049137.exe

  • Size

    110KB

  • Sample

    250116-m8rnfaxmdt

  • MD5

    a4e9be96c1d7727a40c35e7aa7d065b4

  • SHA1

    77797f1ef8ed56e86600788715496d8055e61bcc

  • SHA256

    6117db50abd6bfbccdd5c70b149c42e052fd3df70700103611a846a6ba049137

  • SHA512

    cfe7438df760276744c6aa262392c3fd3cccc75c2faa32808d133dcf5b7458e20eaeff4d5cb4c8f6332d22935fefc3fdfd4b06772d405cd420232c4489273483

  • SSDEEP

    1536:7iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:7iyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      6117db50abd6bfbccdd5c70b149c42e052fd3df70700103611a846a6ba049137.exe

    • Size

      110KB

    • MD5

      a4e9be96c1d7727a40c35e7aa7d065b4

    • SHA1

      77797f1ef8ed56e86600788715496d8055e61bcc

    • SHA256

      6117db50abd6bfbccdd5c70b149c42e052fd3df70700103611a846a6ba049137

    • SHA512

      cfe7438df760276744c6aa262392c3fd3cccc75c2faa32808d133dcf5b7458e20eaeff4d5cb4c8f6332d22935fefc3fdfd4b06772d405cd420232c4489273483

    • SSDEEP

      1536:7iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:7iyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks