Overview

overview

10

Static

static

5

fe7b8cdc39...0N.exe

windows7-x64

10

fe7b8cdc39...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe7b8cdc39247a1366c2f04d91a4ac93385177879509c02ac3761e5f637e85a0N.exe

  • Size

    110KB

  • Sample

    250205-wmfhqazlgp

  • MD5

    e18be89a930b6126348f95012530fd10

  • SHA1

    61974400e8ae35973a58bc9f14e50377a569e8fa

  • SHA256

    fe7b8cdc39247a1366c2f04d91a4ac93385177879509c02ac3761e5f637e85a0

  • SHA512

    93cacbf2a69717da47e136a1e8300ca8f204be2c7864cc35d86e41e4c2bdfade7b60330eab9a875d9f51bb052cac5324d6729e8b654cba10249523d91645f297

  • SSDEEP

    1536:KiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:KiyvRmDLs/ZrwWJjAqGcRJ2hg

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      fe7b8cdc39247a1366c2f04d91a4ac93385177879509c02ac3761e5f637e85a0N.exe

    • Size

      110KB

    • MD5

      e18be89a930b6126348f95012530fd10

    • SHA1

      61974400e8ae35973a58bc9f14e50377a569e8fa

    • SHA256

      fe7b8cdc39247a1366c2f04d91a4ac93385177879509c02ac3761e5f637e85a0

    • SHA512

      93cacbf2a69717da47e136a1e8300ca8f204be2c7864cc35d86e41e4c2bdfade7b60330eab9a875d9f51bb052cac5324d6729e8b654cba10249523d91645f297

    • SSDEEP

      1536:KiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0Eg:KiyvRmDLs/ZrwWJjAqGcRJ2hg

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks