Overview

overview

10

Static

static

5

a47a7ef654...cN.exe

windows7-x64

10

a47a7ef654...cN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a47a7ef6547ef1feeffaf7093a72dd28ccc7294e35c0af536df1a9dc2052839cN.exe

  • Size

    113KB

  • Sample

    250205-bxp5patrcp

  • MD5

    32d01a5aa09c4f78b7b4fdad5d9ec8c0

  • SHA1

    d86590ce6719fd609fa3c0a1f5577726807fb465

  • SHA256

    a47a7ef6547ef1feeffaf7093a72dd28ccc7294e35c0af536df1a9dc2052839c

  • SHA512

    ff5e2ddf8a47a514b1766d4158c7b9e4f731f2692cec07f13b2dcd2d576e734ab7d630730c370c6e03cfd163fce4be92b346a2df90fbfda99a4f585e05cecb15

  • SSDEEP

    1536:BiLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0E:BiyvRmDLs/ZrwWjjAqGcfzWH

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      a47a7ef6547ef1feeffaf7093a72dd28ccc7294e35c0af536df1a9dc2052839cN.exe

    • Size

      113KB

    • MD5

      32d01a5aa09c4f78b7b4fdad5d9ec8c0

    • SHA1

      d86590ce6719fd609fa3c0a1f5577726807fb465

    • SHA256

      a47a7ef6547ef1feeffaf7093a72dd28ccc7294e35c0af536df1a9dc2052839c

    • SHA512

      ff5e2ddf8a47a514b1766d4158c7b9e4f731f2692cec07f13b2dcd2d576e734ab7d630730c370c6e03cfd163fce4be92b346a2df90fbfda99a4f585e05cecb15

    • SSDEEP

      1536:BiLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0E:BiyvRmDLs/ZrwWjjAqGcfzWH

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks