Tinba Malware: Domain Generation Algorithm Means New, Improved, and Persistent
ATT&CK techniques detected
T1547.001 Registry Run Keys / Startup Folder
100%
“it start with windows at boot. the autoruns are written into the registry in both hkey_current_user and hkey_local_machine registry hives, under the software\microsoft\windows\currentversion\run\ key; both point to the malware executable at c:\documents and s…”
T1055.001 Dynamic-link Library Injection
95%
“makes the malware much more persistent and gives it the ability to come back to life even after a command and control (c&c) server is taken down. upon execution, the malware initially infects the system by opening the winver.exe process, which is a legitimate windows applet …”
T1568.002 Domain Generation Algorithms
43%
“tinba malware: domain generation algorithm means new, improved, and persistent tinba, also known as "tinybanker", "zusy" and "hµnt€r$", is a banking trojan that was first seen in the wild around may 2012. its source code was leaked in july 2014. cybercriminals customized …”
Summary
Tinba, also known as "Tinybanker", "Zusy" and "HµNT€R$", is a banking Trojan.