Overview

overview

10

Static

static

3

faa7f3af20...ac.exe

windows7-x64

10

faa7f3af20...ac.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    faa7f3af20f8d357e8f3d3518b1bf38fa9f5c88249e567293ed2e97c400cf4ac.exe

  • Size

    54KB

  • Sample

    250202-w4t3fawldn

  • MD5

    5e37ea3ab68e7f1b1d94d2ab50c078c8

  • SHA1

    cf500885bcde345b0ff119c39fbf7b08589e3826

  • SHA256

    faa7f3af20f8d357e8f3d3518b1bf38fa9f5c88249e567293ed2e97c400cf4ac

  • SHA512

    1c736869a2012d254ae7edab1c2e963277cf72c3775cf16b20356e77d1abd382ff104eb4c032199c65503bd5afd3283b6d9d99fa85849a9a320dbe021f63aa26

  • SSDEEP

    768:93CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBC:t5tPusSRJDTlLTOpJiaDjts4gfFi2+g

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      faa7f3af20f8d357e8f3d3518b1bf38fa9f5c88249e567293ed2e97c400cf4ac.exe

    • Size

      54KB

    • MD5

      5e37ea3ab68e7f1b1d94d2ab50c078c8

    • SHA1

      cf500885bcde345b0ff119c39fbf7b08589e3826

    • SHA256

      faa7f3af20f8d357e8f3d3518b1bf38fa9f5c88249e567293ed2e97c400cf4ac

    • SHA512

      1c736869a2012d254ae7edab1c2e963277cf72c3775cf16b20356e77d1abd382ff104eb4c032199c65503bd5afd3283b6d9d99fa85849a9a320dbe021f63aa26

    • SSDEEP

      768:93CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBC:t5tPusSRJDTlLTOpJiaDjts4gfFi2+g

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks