Overview

overview

10

Static

static

3

2025-03-31...er.exe

windows7-x64

10

2025-03-31...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-31_15147197e0646326719fadfa17cf961e_amadey_rhadamanthys_smoke-loader

  • Size

    225KB

  • Sample

    250331-bj81msspt8

  • MD5

    15147197e0646326719fadfa17cf961e

  • SHA1

    bd0a8e929d64f5d3983db34216b113d875dfa53b

  • SHA256

    a7c99e8925e2f75d1871e1391d9499dd1200377451a060dc9a81c0ddd0e46412

  • SHA512

    176550cf74dcf0af31693865a3a082031664319edb7965888877b64426749b3ac6f596385cfbd24f02674bcdeedf83f325f5919dd4cf51e1bdcca2f87b5a720c

  • SSDEEP

    6144:0A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:0ATuTAnKGwUAW3ycQqgf

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      2025-03-31_15147197e0646326719fadfa17cf961e_amadey_rhadamanthys_smoke-loader

    • Size

      225KB

    • MD5

      15147197e0646326719fadfa17cf961e

    • SHA1

      bd0a8e929d64f5d3983db34216b113d875dfa53b

    • SHA256

      a7c99e8925e2f75d1871e1391d9499dd1200377451a060dc9a81c0ddd0e46412

    • SHA512

      176550cf74dcf0af31693865a3a082031664319edb7965888877b64426749b3ac6f596385cfbd24f02674bcdeedf83f325f5919dd4cf51e1bdcca2f87b5a720c

    • SSDEEP

      6144:0A2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:0ATuTAnKGwUAW3ycQqgf

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks