Overview

overview

10

Static

static

5

d2748c0fad...8b.exe

windows7-x64

10

d2748c0fad...8b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d2748c0fadd5926c43c297fbfb921217b664b90ac5f65e195b43a411cad8018b.exe

  • Size

    110KB

  • Sample

    250116-n1qa3szmbr

  • MD5

    806e2d57376c8358d7e4add7b45695d0

  • SHA1

    cba047af6b35f399c0cc41aad15bfca1470773ca

  • SHA256

    d2748c0fadd5926c43c297fbfb921217b664b90ac5f65e195b43a411cad8018b

  • SHA512

    aca46304188a575b4d2363af82379f20a68008287dea322ecfc85310a192ce690534b7fb599de3eed10d2690f2afca00de5fbf3778bcee3a7f6d65c68cc057ea

  • SSDEEP

    1536:piLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:piyvRmDLs/ZrwWJjAqGcRJ2hA

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      d2748c0fadd5926c43c297fbfb921217b664b90ac5f65e195b43a411cad8018b.exe

    • Size

      110KB

    • MD5

      806e2d57376c8358d7e4add7b45695d0

    • SHA1

      cba047af6b35f399c0cc41aad15bfca1470773ca

    • SHA256

      d2748c0fadd5926c43c297fbfb921217b664b90ac5f65e195b43a411cad8018b

    • SHA512

      aca46304188a575b4d2363af82379f20a68008287dea322ecfc85310a192ce690534b7fb599de3eed10d2690f2afca00de5fbf3778bcee3a7f6d65c68cc057ea

    • SSDEEP

      1536:piLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:piyvRmDLs/ZrwWJjAqGcRJ2hA

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks