Overview

overview

10

Static

static

5

4858b837aa...0N.exe

windows7-x64

10

4858b837aa...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4858b837aa37a7fa8cf2f71e9f5d619c18c5608b44156c98af192187c45f89e0N.exe

  • Size

    110KB

  • Sample

    250117-q85rvazqd1

  • MD5

    13d48ca83bc73f0e2084f7fbc0e0f660

  • SHA1

    f0019ff11e0cc13b32046cc82b6312dfa8d0c277

  • SHA256

    4858b837aa37a7fa8cf2f71e9f5d619c18c5608b44156c98af192187c45f89e0

  • SHA512

    bf870c2ff46974c540ffccfa1973413d4768dac47763a684cc939efb68cb6d0c613be1890233d2dde1f985d70288dc0c5a6fab422ec51fe1e2b5c950a7a13b55

  • SSDEEP

    1536:9iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:9iyvRmDLs/ZrwWJjAqGcRJ2hA

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      4858b837aa37a7fa8cf2f71e9f5d619c18c5608b44156c98af192187c45f89e0N.exe

    • Size

      110KB

    • MD5

      13d48ca83bc73f0e2084f7fbc0e0f660

    • SHA1

      f0019ff11e0cc13b32046cc82b6312dfa8d0c277

    • SHA256

      4858b837aa37a7fa8cf2f71e9f5d619c18c5608b44156c98af192187c45f89e0

    • SHA512

      bf870c2ff46974c540ffccfa1973413d4768dac47763a684cc939efb68cb6d0c613be1890233d2dde1f985d70288dc0c5a6fab422ec51fe1e2b5c950a7a13b55

    • SSDEEP

      1536:9iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:9iyvRmDLs/ZrwWJjAqGcRJ2hA

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks