Overview

overview

10

Static

static

3

e695741f30...29.exe

windows7-x64

10

e695741f30...29.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e695741f303ba79627353128bc397f9360ce4063260d58d19469bef08ddcaf29

  • Size

    54KB

  • Sample

    250224-jlwr4asqw4

  • MD5

    e87511c193696bde9ae5cc2cd350bda7

  • SHA1

    917d9334a81b83a14994303365062504eb0f4363

  • SHA256

    e695741f303ba79627353128bc397f9360ce4063260d58d19469bef08ddcaf29

  • SHA512

    256578043c62f166fbcb1c9680a7ff0fd48679dd8cb913ef0ed038848bf52e7b6984327af461a89a8340bc4298cf201094aec31877991a705647ed58e99996c7

  • SSDEEP

    768:B3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:55tPusSRJDTlLTOpJiaDjts4gfFi2+A

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      e695741f303ba79627353128bc397f9360ce4063260d58d19469bef08ddcaf29

    • Size

      54KB

    • MD5

      e87511c193696bde9ae5cc2cd350bda7

    • SHA1

      917d9334a81b83a14994303365062504eb0f4363

    • SHA256

      e695741f303ba79627353128bc397f9360ce4063260d58d19469bef08ddcaf29

    • SHA512

      256578043c62f166fbcb1c9680a7ff0fd48679dd8cb913ef0ed038848bf52e7b6984327af461a89a8340bc4298cf201094aec31877991a705647ed58e99996c7

    • SSDEEP

      768:B3CCRtWM5usSRJDTlLTOpJiqRZNoCRtxihG1gfFNsHWP4jBS:55tPusSRJDTlLTOpJiaDjts4gfFi2+A

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks