Overview

overview

10

Static

static

3

1893174c97...ac.exe

windows7-x64

10

1893174c97...ac.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1893174c97d41e73feb1962371eef41299e9a27f76cb3634c2922d3bdfd6dbac.exe

  • Size

    54KB

  • Sample

    250126-1tlersvrfy

  • MD5

    66527989abb36db9d187c010f4173f05

  • SHA1

    862023c922d8142020bd115f5f1523334c659c51

  • SHA256

    1893174c97d41e73feb1962371eef41299e9a27f76cb3634c2922d3bdfd6dbac

  • SHA512

    e9eaa3011198b577b5ccd27fa1058f415ca94c666ec1632c0679bf1c1b3379ca74aa161b452c2afbd1685b53d6bf00ceb69818d58e63c978c4d7375f400b437c

  • SSDEEP

    768:q3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBm:65tPusSRJDTlLTOpJiaDjts4gfFi2+Q

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      1893174c97d41e73feb1962371eef41299e9a27f76cb3634c2922d3bdfd6dbac.exe

    • Size

      54KB

    • MD5

      66527989abb36db9d187c010f4173f05

    • SHA1

      862023c922d8142020bd115f5f1523334c659c51

    • SHA256

      1893174c97d41e73feb1962371eef41299e9a27f76cb3634c2922d3bdfd6dbac

    • SHA512

      e9eaa3011198b577b5ccd27fa1058f415ca94c666ec1632c0679bf1c1b3379ca74aa161b452c2afbd1685b53d6bf00ceb69818d58e63c978c4d7375f400b437c

    • SSDEEP

      768:q3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBm:65tPusSRJDTlLTOpJiaDjts4gfFi2+Q

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks