Trusted Design

Tinba alias Tiny Banker Indicators

概要

Observed a Tinba alias Tiny Banker command and control (C2) server hosted at IP address 109.70.26[.]37. Passive DNS and technical analysis revealed at least 306 malicious domains hosted on the offender IP address in the past week. Additional research revealed at least 100 unique malware samples distributed from this IP address as well as hundreds of known malicious domains, IPs, and URLs associated with the original seed data and Tinba botnet.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Tinba Malware Hashes (score: 0.66)
Malware issuing domains (score: 0.64)
Malware hosts (score: 0.64)
C2 Tinba Panel and Hashes (score: 0.64)
InstantAccess Malware (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 6.53

Matched TTPs:

T1539 - Steal Web Session Cookie
T1027.007 - Dynamic API Resolution

MITREへのリンク →

TA551

Score: 4.13

Matched TTPs:

T1539 - Steal Web Session Cookie

MITREへのリンク →

Sandworm Team

Score: 7.11

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1049 - System Network Connections Discovery

MITREへのリンク →

TA2541

Score: 6.24

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1128 - Netsh Helper DLL

MITREへのリンク →

Earth Lusca

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Mustang Panda

Score: 14.91

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1169 - Sudo
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process

MITREへのリンク →

Kimsuky

Score: 6.78

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

Mustard Tempest

Score: 9.80

Matched TTPs:

T1091 - Replication Through Removable Media
T1543.002 - Systemd Service
T1053.002 - At

MITREへのリンク →

OilRig

Score: 8.98

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1128 - Netsh Helper DLL
T1556 - Modify Authentication Process

MITREへのリンク →

TeamTNT

Score: 7.62

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1519 - Emond

MITREへのリンク →

LazyScripter

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Gamaredon Group

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Star Blizzard

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Threat Group-3390

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

SideCopy

Score: 5.26

Matched TTPs:

T1091 - Replication Through Removable Media
T1053.002 - At

MITREへのリンク →

TA505

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

BlackByte

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.007 - Dynamic API Resolution

MITREへのリンク →

BITTER

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

APT32

Score: 8.63

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

HEXANE

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Moonstone Sleet

Score: 5.89

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Contagious Interview

Score: 10.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1021.006 - Windows Remote Management
T1556 - Modify Authentication Process

MITREへのリンク →

FIN7

Score: 5.89

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1027.007 - Dynamic API Resolution

MITREへのリンク →

EXOTIC LILY

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

APT42

Score: 6.24

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1128 - Netsh Helper DLL

MITREへのリンク →

APT28

Score: 6.06

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1146 - Clear Command History

MITREへのリンク →

APT1

Score: 4.80

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

Scattered Spider

Score: 5.65

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1090.004 - Domain Fronting

MITREへのリンク →

Transparent Tribe

Score: 4.80

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

RedEcho

Score: 4.26

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1128 - Netsh Helper DLL

MITREへのリンク →

Lazarus Group

Score: 8.40

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1055.005 - Thread Local Storage
T1556 - Modify Authentication Process

MITREへのリンク →

Magic Hound

Score: 4.80

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

APT38

Score: 3.92

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1027.007 - Dynamic API Resolution

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1021.006 - Windows Remote Management

MITREへのリンク →

HAFNIUM

Score: 3.62

Matched TTPs:

T1049 - System Network Connections Discovery

MITREへのリンク →

Axiom

Score: 8.16

Matched TTPs:

T1049 - System Network Connections Discovery
T1160 - Launch Daemon

MITREへのリンク →

Volt Typhoon

Score: 3.62

Matched TTPs:

T1049 - System Network Connections Discovery

MITREへのリンク →

Velvet Ant

Score: 5.14

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Medusa Group

Score: 9.68

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.007 - Dynamic API Resolution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

FIN6

Score: 7.89

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

FIN8

Score: 5.49

Matched TTPs:

T1128 - Netsh Helper DLL
T1556 - Modify Authentication Process

MITREへのリンク →

APT29

Score: 4.54

Matched TTPs:

T1218.009 - Regsvcs/Regasm

MITREへのリンク →

Storm-0501

Score: 4.13

Matched TTPs:

T1090.004 - Domain Fronting

MITREへのリンク →

Ember Bear

Score: 4.13

Matched TTPs:

T1519 - Emond

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Wizard Spider

Score: 5.14

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1556 - Modify Authentication Process

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Mustang Panda

Score: 0.79

Matched TTPs:

T1055.005 - Thread Local Storage
T1098.007 - Additional Local or Domain Groups
T1556 - Modify Authentication Process
T1169 - Sudo
T1091 - Replication Through Removable Media

MITREへのリンク →

Mustard Tempest

Score: 0.61

Matched TTPs:

T1543.002 - Systemd Service
T1053.002 - At
T1091 - Replication Through Removable Media

MITREへのリンク →

Contagious Interview

Score: 0.56

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1556 - Modify Authentication Process
T1021.006 - Windows Remote Management
T1091 - Replication Through Removable Media

MITREへのリンク →

Medusa Group

Score: 0.55

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.007 - Dynamic API Resolution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る