tinba | a3df1a160245da7341acab0c304671b01a18822c25e1fdbe979474cea970b3a1 | Triage

Sharing

General

Target

a3df1a160245da7341acab0c304671b01a18822c25e1fdbe979474cea970b3a1.exe
Size

225KB
Sample

250121-et5bzswldk
MD5

06dff8c65b33bb466e5e19d8cf39e226
SHA1

8609a7b6f358d3aa4a6819f29a513da95a55529d
SHA256

a3df1a160245da7341acab0c304671b01a18822c25e1fdbe979474cea970b3a1
SHA512

f82b24331f9175a034b7c5bf96db643375e9a30cdd309a27e5de025f991203e44b4136c404d65bc3e2916098db0ea05fa2a2ebc3ab30d9d4525a4448a506a65e
SSDEEP

6144:1A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:1ATuTAnKGwUAW3ycQqg9

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  a3df1a160245da7341acab0c304671b01a18822c25e1fdbe979474cea970b3a1.exe
- Size
  
  225KB
- MD5
  
  06dff8c65b33bb466e5e19d8cf39e226
- SHA1
  
  8609a7b6f358d3aa4a6819f29a513da95a55529d
- SHA256
  
  a3df1a160245da7341acab0c304671b01a18822c25e1fdbe979474cea970b3a1
- SHA512
  
  f82b24331f9175a034b7c5bf96db643375e9a30cdd309a27e5de025f991203e44b4136c404d65bc3e2916098db0ea05fa2a2ebc3ab30d9d4525a4448a506a65e
- SSDEEP
  
  6144:1A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpY0:1ATuTAnKGwUAW3ycQqg9
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2