Overview

overview

10

Static

static

3

e7e899d7ef...68.exe

windows7-x64

10

e7e899d7ef...68.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e7e899d7ef11f1a57aa98392b170efcc6e1c80d168e048441b25edd5f2db9368

  • Size

    54KB

  • Sample

    250224-jht44a1lgx

  • MD5

    e21daa985eb2e1e1cea7ffd3df08a21b

  • SHA1

    964ca6740f1199655606bcf49ea354a805ea1b89

  • SHA256

    e7e899d7ef11f1a57aa98392b170efcc6e1c80d168e048441b25edd5f2db9368

  • SHA512

    2f28546ba8e76f4a7b40cf6d8adfd88f9904823ba21bbedeb834dbcfcc18c1cafd44743401732bf493df5a1e0404ee33696011e09657c40d8ed864b9c3324e54

  • SSDEEP

    768:v3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:f5tPusSRJDTlLTOpJiaDjts4gfFi2+A

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      e7e899d7ef11f1a57aa98392b170efcc6e1c80d168e048441b25edd5f2db9368

    • Size

      54KB

    • MD5

      e21daa985eb2e1e1cea7ffd3df08a21b

    • SHA1

      964ca6740f1199655606bcf49ea354a805ea1b89

    • SHA256

      e7e899d7ef11f1a57aa98392b170efcc6e1c80d168e048441b25edd5f2db9368

    • SHA512

      2f28546ba8e76f4a7b40cf6d8adfd88f9904823ba21bbedeb834dbcfcc18c1cafd44743401732bf493df5a1e0404ee33696011e09657c40d8ed864b9c3324e54

    • SSDEEP

      768:v3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:f5tPusSRJDTlLTOpJiaDjts4gfFi2+A

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks