Overview

overview

10

Static

static

3

b454ce6da3...7N.exe

windows7-x64

10

b454ce6da3...7N.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b454ce6da3dc3b24631375258d8fef22fcee8c2ec6b7f2db4a803d8d5035f907N.exe

  • Size

    54KB

  • Sample

    250212-q737mavjct

  • MD5

    ab4dcb4e96855fcff4945b23cd8ad590

  • SHA1

    7252078dccf65a9ef94798af8440dec2aae582b8

  • SHA256

    b454ce6da3dc3b24631375258d8fef22fcee8c2ec6b7f2db4a803d8d5035f907

  • SHA512

    e30ad9d50ce5c4a081d3e73bb6c074c7d6227393bfd3a0742fea805ea6708c9297b13493220bf5753eb66fefc7b3e5eb90b4d2efa1de003ae6557efe3d05b8d2

  • SSDEEP

    768:w3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:o5tPusSRJDTlLTOpJiaDjts4gfFi2+A

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      b454ce6da3dc3b24631375258d8fef22fcee8c2ec6b7f2db4a803d8d5035f907N.exe

    • Size

      54KB

    • MD5

      ab4dcb4e96855fcff4945b23cd8ad590

    • SHA1

      7252078dccf65a9ef94798af8440dec2aae582b8

    • SHA256

      b454ce6da3dc3b24631375258d8fef22fcee8c2ec6b7f2db4a803d8d5035f907

    • SHA512

      e30ad9d50ce5c4a081d3e73bb6c074c7d6227393bfd3a0742fea805ea6708c9297b13493220bf5753eb66fefc7b3e5eb90b4d2efa1de003ae6557efe3d05b8d2

    • SSDEEP

      768:w3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:o5tPusSRJDTlLTOpJiaDjts4gfFi2+A

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Downloads MZ/PE file

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks