Overview

overview

10

Static

static

3

34c86abcc6...f7.exe

windows7-x64

10

34c86abcc6...f7.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34c86abcc665e0f1c60a882f91fdac2811301c8b9cc0572ccfb724cf733456f7

  • Size

    54KB

  • Sample

    250206-154qgs1khk

  • MD5

    cebc87c85faef82fc23175edc8615dfb

  • SHA1

    d5b1813abefd455e88f56b98e5bbf0140332b4c1

  • SHA256

    34c86abcc665e0f1c60a882f91fdac2811301c8b9cc0572ccfb724cf733456f7

  • SHA512

    aab92cd61807d19be762c80353c9733cdbd82615845d36905d080832fbdde75305209ae9688faaa7e23c3e7da96e81bc65d43bc04c624a0c7b93dc9871711cc1

  • SSDEEP

    768:D3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:75tPusSRJDTlLTOpJiaDjts4gfFi2+A

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      34c86abcc665e0f1c60a882f91fdac2811301c8b9cc0572ccfb724cf733456f7

    • Size

      54KB

    • MD5

      cebc87c85faef82fc23175edc8615dfb

    • SHA1

      d5b1813abefd455e88f56b98e5bbf0140332b4c1

    • SHA256

      34c86abcc665e0f1c60a882f91fdac2811301c8b9cc0572ccfb724cf733456f7

    • SHA512

      aab92cd61807d19be762c80353c9733cdbd82615845d36905d080832fbdde75305209ae9688faaa7e23c3e7da96e81bc65d43bc04c624a0c7b93dc9871711cc1

    • SSDEEP

      768:D3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:75tPusSRJDTlLTOpJiaDjts4gfFi2+A

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks