Overview

overview

10

Static

static

5

ea4df1bb1b...dN.exe

windows7-x64

10

ea4df1bb1b...dN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea4df1bb1b61b7643a0efbba9e3ec6780d6f57a40b0c691ca5fe0f5acc09f7cdN.exe

  • Size

    110KB

  • Sample

    250123-gcm3gsvmd1

  • MD5

    5a71b8ec4913df1b1a964e3a402bda60

  • SHA1

    e823bd26912e5254cbf571fb31fb55fa94395577

  • SHA256

    ea4df1bb1b61b7643a0efbba9e3ec6780d6f57a40b0c691ca5fe0f5acc09f7cd

  • SHA512

    39b23ecaa40b19593eeeb6f96c66c97dfed3a7cf9c357246be812c7fded552319e5b72a20ae1e3b81d058167babe38107ccd1687251ddcaec22555547a7064d1

  • SSDEEP

    1536:eiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:eiyvRmDLs/ZrwWJjAqGcRJ2hA

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      ea4df1bb1b61b7643a0efbba9e3ec6780d6f57a40b0c691ca5fe0f5acc09f7cdN.exe

    • Size

      110KB

    • MD5

      5a71b8ec4913df1b1a964e3a402bda60

    • SHA1

      e823bd26912e5254cbf571fb31fb55fa94395577

    • SHA256

      ea4df1bb1b61b7643a0efbba9e3ec6780d6f57a40b0c691ca5fe0f5acc09f7cd

    • SHA512

      39b23ecaa40b19593eeeb6f96c66c97dfed3a7cf9c357246be812c7fded552319e5b72a20ae1e3b81d058167babe38107ccd1687251ddcaec22555547a7064d1

    • SSDEEP

      1536:eiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:eiyvRmDLs/ZrwWJjAqGcRJ2hA

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks