Overview

overview

10

Static

static

5

f8d7162266...eN.exe

windows7-x64

10

f8d7162266...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8d71622661096e0516e7d9d247069c6c23e4ac5834e91cdd122378275a2ec6eN.exe

  • Size

    110KB

  • Sample

    250212-xj8wjaspem

  • MD5

    065cbd049e7bd90a4ed900c83d6755a0

  • SHA1

    51d8b03c6a01b367da5167592f3990ea11054217

  • SHA256

    f8d71622661096e0516e7d9d247069c6c23e4ac5834e91cdd122378275a2ec6e

  • SHA512

    a5817eebcc8b8b25d1de17641a6ac6c6ad54a76e7e2ed1d9e56e18380c2a4319de4de577513127c585efdc7d4dc41ac0e176711a054c6c161a2c1d80882c4b4b

  • SSDEEP

    1536:QiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:QiyvRmDLs/ZrwWJjAqGcRJ2hQ

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      f8d71622661096e0516e7d9d247069c6c23e4ac5834e91cdd122378275a2ec6eN.exe

    • Size

      110KB

    • MD5

      065cbd049e7bd90a4ed900c83d6755a0

    • SHA1

      51d8b03c6a01b367da5167592f3990ea11054217

    • SHA256

      f8d71622661096e0516e7d9d247069c6c23e4ac5834e91cdd122378275a2ec6e

    • SHA512

      a5817eebcc8b8b25d1de17641a6ac6c6ad54a76e7e2ed1d9e56e18380c2a4319de4de577513127c585efdc7d4dc41ac0e176711a054c6c161a2c1d80882c4b4b

    • SSDEEP

      1536:QiLOvRmmQegJfBbmAQ256/ZrwWnwqjhurmKFcxL8JQ2r0EQ:QiyvRmDLs/ZrwWJjAqGcRJ2hQ

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Downloads MZ/PE file

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks