Overview

overview

10

Static

static

3

a36c05cb54...19.exe

windows7-x64

10

a36c05cb54...19.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a36c05cb5483f6f5b914efe41a074c71ed841953c9c13485cdf2c7dfd256d819

  • Size

    54KB

  • Sample

    250223-c3z3hsvkhz

  • MD5

    7d2441a43acf871f077141fcfb9737af

  • SHA1

    b6fbeaaf240ffa6d1e5421b69b74e9e35137de48

  • SHA256

    a36c05cb5483f6f5b914efe41a074c71ed841953c9c13485cdf2c7dfd256d819

  • SHA512

    23a4340e3e4e17452da68d8b7c620a149ac6fb1f785c5f5f6c9a90fd720b1acfcfd7b54ddf5d89807b050d8982c8003f6727a88ae58146947e19254b77ae7c70

  • SSDEEP

    768:w3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBi:o5tPusSRJDTlLTOpJiaDjts4gfFi2+g

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      a36c05cb5483f6f5b914efe41a074c71ed841953c9c13485cdf2c7dfd256d819

    • Size

      54KB

    • MD5

      7d2441a43acf871f077141fcfb9737af

    • SHA1

      b6fbeaaf240ffa6d1e5421b69b74e9e35137de48

    • SHA256

      a36c05cb5483f6f5b914efe41a074c71ed841953c9c13485cdf2c7dfd256d819

    • SHA512

      23a4340e3e4e17452da68d8b7c620a149ac6fb1f785c5f5f6c9a90fd720b1acfcfd7b54ddf5d89807b050d8982c8003f6727a88ae58146947e19254b77ae7c70

    • SSDEEP

      768:w3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBi:o5tPusSRJDTlLTOpJiaDjts4gfFi2+g

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks