Overview

overview

10

Static

static

5

7d131d8a9f...9N.exe

windows7-x64

10

7d131d8a9f...9N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d131d8a9f19d2834bf3c967e77faaef841ff999c7d26d34f91103fb0aa14989N.exe

  • Size

    110KB

  • Sample

    250120-gscaxsvlfy

  • MD5

    0f5c43f4303757884bf2b828f82f1250

  • SHA1

    41ecd616f35eee5f55d832c2bff329d692e91996

  • SHA256

    7d131d8a9f19d2834bf3c967e77faaef841ff999c7d26d34f91103fb0aa14989

  • SHA512

    7958ffe370301bad59cc756614f7d5284bfa13f8b6e93b26944777a99f9696ed59b4e6778de6b72022071d9efc83c1582165a7899d65c39c52bdc0aaceb6aad8

  • SSDEEP

    1536:XiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Ew:XiyvRmDLs/ZrwWJjAqGcRJ2hw

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      7d131d8a9f19d2834bf3c967e77faaef841ff999c7d26d34f91103fb0aa14989N.exe

    • Size

      110KB

    • MD5

      0f5c43f4303757884bf2b828f82f1250

    • SHA1

      41ecd616f35eee5f55d832c2bff329d692e91996

    • SHA256

      7d131d8a9f19d2834bf3c967e77faaef841ff999c7d26d34f91103fb0aa14989

    • SHA512

      7958ffe370301bad59cc756614f7d5284bfa13f8b6e93b26944777a99f9696ed59b4e6778de6b72022071d9efc83c1582165a7899d65c39c52bdc0aaceb6aad8

    • SSDEEP

      1536:XiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Ew:XiyvRmDLs/ZrwWJjAqGcRJ2hw

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks