Overview

overview

10

Static

static

5

160ea34709...0N.exe

windows7-x64

10

160ea34709...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    160ea3470913c1b69e1478750155399f329dd3657d191aa5b151d8cd2d189070N.exe

  • Size

    110KB

  • Sample

    250120-292mcsvjbk

  • MD5

    336ccf20427a25f041a57990b774dac0

  • SHA1

    499d08c7316337f19e3876c8ea323e9557acbda4

  • SHA256

    160ea3470913c1b69e1478750155399f329dd3657d191aa5b151d8cd2d189070

  • SHA512

    d14af5995165931b5896e94559fc8d3808c29c36613f2895fd5438868045b49ba5e98aa7a3e9681316f5980dd5c8d008f6c458ba44dff6115d59932c755cc596

  • SSDEEP

    1536:5iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:5iyvRmDLs/ZrwWJjAqGcRJ2hQ

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      160ea3470913c1b69e1478750155399f329dd3657d191aa5b151d8cd2d189070N.exe

    • Size

      110KB

    • MD5

      336ccf20427a25f041a57990b774dac0

    • SHA1

      499d08c7316337f19e3876c8ea323e9557acbda4

    • SHA256

      160ea3470913c1b69e1478750155399f329dd3657d191aa5b151d8cd2d189070

    • SHA512

      d14af5995165931b5896e94559fc8d3808c29c36613f2895fd5438868045b49ba5e98aa7a3e9681316f5980dd5c8d008f6c458ba44dff6115d59932c755cc596

    • SSDEEP

      1536:5iLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:5iyvRmDLs/ZrwWJjAqGcRJ2hQ

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks