Overview

overview

10

Static

static

3

2025-03-31...er.exe

windows7-x64

10

2025-03-31...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-31_a1458035227f96c39b9d177ec966a71e_amadey_rhadamanthys_smoke-loader

  • Size

    225KB

  • Sample

    250331-ew2nwaszax

  • MD5

    a1458035227f96c39b9d177ec966a71e

  • SHA1

    c2f9134347568f6ed5e8f1646bf985e773f95545

  • SHA256

    3248458742fd351d20d8f482b5555ac4798ee862869e3ebe9232e624c32aeadc

  • SHA512

    e1b7cdb871e53eed477a7e9ee94d0dcc53fd1f0996ea5bfe34e64473fb59f50a6220a97ddafd8d42adf3d09fac4b8a87a20439e4d57c018350e9fc7983895cfb

  • SSDEEP

    6144:YA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:YATuTAnKGwUAW3ycQqgf

Score
10/10
tinbabankerdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      2025-03-31_a1458035227f96c39b9d177ec966a71e_amadey_rhadamanthys_smoke-loader

    • Size

      225KB

    • MD5

      a1458035227f96c39b9d177ec966a71e

    • SHA1

      c2f9134347568f6ed5e8f1646bf985e773f95545

    • SHA256

      3248458742fd351d20d8f482b5555ac4798ee862869e3ebe9232e624c32aeadc

    • SHA512

      e1b7cdb871e53eed477a7e9ee94d0dcc53fd1f0996ea5bfe34e64473fb59f50a6220a97ddafd8d42adf3d09fac4b8a87a20439e4d57c018350e9fc7983895cfb

    • SSDEEP

      6144:YA2P27yTAnKGw0hjFhSR/W11yAJ9v0pMtRCpYM:YATuTAnKGwUAW3ycQqgf

    Score
    10/10
    tinbabankerdiscoverypersistencetrojan

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks