Overview

overview

10

Static

static

5

ccd4199b65...79.exe

windows7-x64

10

ccd4199b65...79.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ccd4199b65bd3758dbfd88dc2d7446a20a100c5db8e776260d09552adf2edb79

  • Size

    45KB

  • Sample

    250203-ftj7gs1mct

  • MD5

    26be5cadfbdc2c1686162e26ca94731a

  • SHA1

    b2a285380350d6ed2b53e8c53b503c16da9788af

  • SHA256

    ccd4199b65bd3758dbfd88dc2d7446a20a100c5db8e776260d09552adf2edb79

  • SHA512

    0278a2e3b1359b89225867ab166abb878513c9ee548ffbc9507f3679566c836de7c719ae1964ab8f71897266bb661ad347827541e27b1b9a0c6ad9ee3ff044c4

  • SSDEEP

    768:whP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2V:MsWE9N5dFu53dsniQaB/xZ14n7zIF+q5

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      ccd4199b65bd3758dbfd88dc2d7446a20a100c5db8e776260d09552adf2edb79

    • Size

      45KB

    • MD5

      26be5cadfbdc2c1686162e26ca94731a

    • SHA1

      b2a285380350d6ed2b53e8c53b503c16da9788af

    • SHA256

      ccd4199b65bd3758dbfd88dc2d7446a20a100c5db8e776260d09552adf2edb79

    • SHA512

      0278a2e3b1359b89225867ab166abb878513c9ee548ffbc9507f3679566c836de7c719ae1964ab8f71897266bb661ad347827541e27b1b9a0c6ad9ee3ff044c4

    • SSDEEP

      768:whP0kDE9N5dCA8J7VHXdrIniQaBTT+QQ+r1n4K8+C9TtIuCjaqUODvJVQ2V:MsWE9N5dFu53dsniQaB/xZ14n7zIF+q5

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks