Managed XDR

ransomware_stop_2022_945.exe (Tinba) — malware analysis report

File info

Filename: ransomware_stop_2022_945.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 513 KB
First seen: 2025-01-13 15:22
Last seen: 2025-01-13 15:22

Environment

win7/x86 en

Hashes

SHA1: 192982a59264e5e89b27a5c68eb67e79d526f08f
SHA256: 70817dd400187ea17c13ae5192a2d2f6cae4fca9a606388236e05fa7f98b5fcf
MD5: 6fd02c195ffed6e78e2fee16a5b86628

Malwares

Tinba

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data

T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules

process_crashed: One of the processes has failed

no_graphical_activity: No graphic activity

has_pdb: This executable file has a PDB path

Related reports