Overview

overview

10

Static

static

5

2460fbe1a7...c8.exe

windows7-x64

10

2460fbe1a7...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2460fbe1a7595958285a864733ff82b6d3cbb50a0c538cc79beaafc0f10b52c8

  • Size

    113KB

  • Sample

    250221-z2hs6szpas

  • MD5

    520141102f57f8d5df76d7980b376f89

  • SHA1

    e9fade9a8a7cca44f445d4b5a13239fbf47eb2c2

  • SHA256

    2460fbe1a7595958285a864733ff82b6d3cbb50a0c538cc79beaafc0f10b52c8

  • SHA512

    060c501327303610eace2a27c7fcfb7643f8a3e4c9147d77c3ad3b1788498775093ff5a737712f24a9baf558616637111fa5cf2e4bb3fa1bc12a76a918a6daf2

  • SSDEEP

    1536:wiLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0E:wiyvRmDLs/ZrwWjjAqGcfzWH

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      2460fbe1a7595958285a864733ff82b6d3cbb50a0c538cc79beaafc0f10b52c8

    • Size

      113KB

    • MD5

      520141102f57f8d5df76d7980b376f89

    • SHA1

      e9fade9a8a7cca44f445d4b5a13239fbf47eb2c2

    • SHA256

      2460fbe1a7595958285a864733ff82b6d3cbb50a0c538cc79beaafc0f10b52c8

    • SHA512

      060c501327303610eace2a27c7fcfb7643f8a3e4c9147d77c3ad3b1788498775093ff5a737712f24a9baf558616637111fa5cf2e4bb3fa1bc12a76a918a6daf2

    • SSDEEP

      1536:wiLOvRmmQegJfBbmAQ256/ZrwWhwqjhurmKFcbL86WV0E:wiyvRmDLs/ZrwWjjAqGcfzWH

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks