Overview

overview

10

Static

static

5

479e1f4340...a2.exe

windows7-x64

10

479e1f4340...a2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    479e1f43408dfa398846c7c40729c594f23023683e068afd4ef25c489e59e2a2.exe

  • Size

    110KB

  • Sample

    250211-lkz48ssnes

  • MD5

    ec212b51c43aeb402b866191ed0b2552

  • SHA1

    933936dcbd9fa4ff2f5eccf6bc8450aff1878cd1

  • SHA256

    479e1f43408dfa398846c7c40729c594f23023683e068afd4ef25c489e59e2a2

  • SHA512

    a63a9d89ef3e376f7c58e7345c5f60ea965be045178c08da1e8032c39c5c7a0c263764fe064f6d9f4b3985b9a5cc04344f0c48ffc837973bfabaee413e7f1744

  • SSDEEP

    1536:LiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:LiyvRmDLs/ZrwWJjAqGcRJ2hA

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      479e1f43408dfa398846c7c40729c594f23023683e068afd4ef25c489e59e2a2.exe

    • Size

      110KB

    • MD5

      ec212b51c43aeb402b866191ed0b2552

    • SHA1

      933936dcbd9fa4ff2f5eccf6bc8450aff1878cd1

    • SHA256

      479e1f43408dfa398846c7c40729c594f23023683e068afd4ef25c489e59e2a2

    • SHA512

      a63a9d89ef3e376f7c58e7345c5f60ea965be045178c08da1e8032c39c5c7a0c263764fe064f6d9f4b3985b9a5cc04344f0c48ffc837973bfabaee413e7f1744

    • SSDEEP

      1536:LiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EA:LiyvRmDLs/ZrwWJjAqGcRJ2hA

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks