tinba | 485b7338fb623447b7f5d9e180c1cd79b191addcb89338ac208a98bb793c3cf9 | Triage

Sharing

General

Target

485b7338fb623447b7f5d9e180c1cd79b191addcb89338ac208a98bb793c3cf9N.exe
Size

225KB
Sample

250216-1x6j4szrcz
MD5

c2a0da223ff7f5590e5c326f1eca8810
SHA1

b50e09750f4468442932752c3bba3a98e42fa555
SHA256

485b7338fb623447b7f5d9e180c1cd79b191addcb89338ac208a98bb793c3cf9
SHA512

0694bd460630742adceca6ebab97d34e27c024f0dc1a3a72a14f098744a0bd37beb38d0e53a686054333a0b92141fefb19d2ab648680ae6f7ad64ca77386c88f
SSDEEP

6144:JA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:JATuTAnKGwUAW3ycQqgf

Score

10^/10

tinba banker discovery persistence trojan

Malware Config

Targets

- Target
  
  485b7338fb623447b7f5d9e180c1cd79b191addcb89338ac208a98bb793c3cf9N.exe
- Size
  
  225KB
- MD5
  
  c2a0da223ff7f5590e5c326f1eca8810
- SHA1
  
  b50e09750f4468442932752c3bba3a98e42fa555
- SHA256
  
  485b7338fb623447b7f5d9e180c1cd79b191addcb89338ac208a98bb793c3cf9
- SHA512
  
  0694bd460630742adceca6ebab97d34e27c024f0dc1a3a72a14f098744a0bd37beb38d0e53a686054333a0b92141fefb19d2ab648680ae6f7ad64ca77386c88f
- SSDEEP
  
  6144:JA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:JATuTAnKGwUAW3ycQqgf
Score

10^/10

tinba banker discovery persistence trojan
- Tinba / TinyBanker
  Banking trojan which uses packet sniffing to steal data.
  trojan banker tinba
- Tinba family
  tinba
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

tinbabankerdiscoverypersistencetrojan

behavioral2