Overview

overview

10

Static

static

3

2025-03-31...er.exe

windows7-x64

10

2025-03-31...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-31_6cd78fb15a82530258ba1a8705a0c6e1_amadey_rhadamanthys_smoke-loader

  • Size

    225KB

  • Sample

    250331-efdl4sswbs

  • MD5

    6cd78fb15a82530258ba1a8705a0c6e1

  • SHA1

    c724b514f1dfdc618bdd69dc55488ad1f8768527

  • SHA256

    98fb36aee3bef379171db94f80dc1cf2b3f0b7c61b858d965183586baddc1846

  • SHA512

    d3f58a47bc348172e763a218845badd96dfa3b765c05f68c1380232c37899123fc6ec02333b0fc90c9ea4b35c1d9558ef6c301cb06a4b2735e649410416cdf3d

  • SSDEEP

    6144:TA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:TATuTAnKGwUAW3ycQqgf

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      2025-03-31_6cd78fb15a82530258ba1a8705a0c6e1_amadey_rhadamanthys_smoke-loader

    • Size

      225KB

    • MD5

      6cd78fb15a82530258ba1a8705a0c6e1

    • SHA1

      c724b514f1dfdc618bdd69dc55488ad1f8768527

    • SHA256

      98fb36aee3bef379171db94f80dc1cf2b3f0b7c61b858d965183586baddc1846

    • SHA512

      d3f58a47bc348172e763a218845badd96dfa3b765c05f68c1380232c37899123fc6ec02333b0fc90c9ea4b35c1d9558ef6c301cb06a4b2735e649410416cdf3d

    • SSDEEP

      6144:TA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:TATuTAnKGwUAW3ycQqgf

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks