Overview

overview

10

Static

static

3

f2fc234451...aN.exe

windows7-x64

10

f2fc234451...aN.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f2fc2344519abe279ae510774be3e45c5fdae1269892d0b2068efc8a1ebd843aN.exe

  • Size

    54KB

  • Sample

    250208-r5n6cs1jg1

  • MD5

    265847d58a886c5f4e3ef45dd02ed2f0

  • SHA1

    d34f6efc8b6829afd4ca78fe5f85d0d3d820ebf9

  • SHA256

    f2fc2344519abe279ae510774be3e45c5fdae1269892d0b2068efc8a1ebd843a

  • SHA512

    e928fc845f6c9689010cc54b2cd16570f972ef691966cd27e122741e4cf8c577cfbfc9fc24a16410b6173ee43a82ab18472c700fdf934ff75eebf4defb5d9165

  • SSDEEP

    768:23CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:u5tPusSRJDTlLTOpJiaDjts4gfFi2+A

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      f2fc2344519abe279ae510774be3e45c5fdae1269892d0b2068efc8a1ebd843aN.exe

    • Size

      54KB

    • MD5

      265847d58a886c5f4e3ef45dd02ed2f0

    • SHA1

      d34f6efc8b6829afd4ca78fe5f85d0d3d820ebf9

    • SHA256

      f2fc2344519abe279ae510774be3e45c5fdae1269892d0b2068efc8a1ebd843a

    • SHA512

      e928fc845f6c9689010cc54b2cd16570f972ef691966cd27e122741e4cf8c577cfbfc9fc24a16410b6173ee43a82ab18472c700fdf934ff75eebf4defb5d9165

    • SSDEEP

      768:23CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:u5tPusSRJDTlLTOpJiaDjts4gfFi2+A

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Downloads MZ/PE file

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks