Overview

overview

10

Static

static

5

bfb981fca6...95.exe

windows7-x64

10

bfb981fca6...95.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bfb981fca6b5589e2491db74f957b0b86b9e62705b0cf599df8c3b5bcc7e4995.exe

  • Size

    110KB

  • Sample

    250122-qwhfsazkfl

  • MD5

    38ffee240d0ea1f35ca535d3b8f09aff

  • SHA1

    8e1b08683ac45d3e2004307805b0cd2dfb9f8933

  • SHA256

    bfb981fca6b5589e2491db74f957b0b86b9e62705b0cf599df8c3b5bcc7e4995

  • SHA512

    cc6e128c6969f0c5e6839a4eb67deac48ed1e62f6239dc9e48aea19f3aeb09f7eca6413d86e2c56d6aeb9de5139e1544c54cb085e0be771b605b6229b9f15ad2

  • SSDEEP

    1536:AiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:AiyvRmDLs/ZrwWJjAqGcRJ2hQ

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      bfb981fca6b5589e2491db74f957b0b86b9e62705b0cf599df8c3b5bcc7e4995.exe

    • Size

      110KB

    • MD5

      38ffee240d0ea1f35ca535d3b8f09aff

    • SHA1

      8e1b08683ac45d3e2004307805b0cd2dfb9f8933

    • SHA256

      bfb981fca6b5589e2491db74f957b0b86b9e62705b0cf599df8c3b5bcc7e4995

    • SHA512

      cc6e128c6969f0c5e6839a4eb67deac48ed1e62f6239dc9e48aea19f3aeb09f7eca6413d86e2c56d6aeb9de5139e1544c54cb085e0be771b605b6229b9f15ad2

    • SSDEEP

      1536:AiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:AiyvRmDLs/ZrwWJjAqGcRJ2hQ

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks