Tinba

Tinba Description

Type: Trojan

Tinba is a banking malware infection that steals confidential information from victims. Tinba is a combination of the words 'tiny' and 'banker'; it is also called Tinybanker and Zusy. Tinba propagates via the Blackhole exploit kit. The main goal of Tinba is to target Turkish computer users. Tinba uses web injects for stealing the login information from websites, namely those placed in Turkey. Some targets incorporating Facebook, Microsoft, GMX, and Google and are hardcoded into the code of Tinba itself and are universally corrupted by Tinba. Other institutions are compromised depending on downloaded configuration files; frequent targets incorporate key government portals and Turkish banks/financial institutions. Tinba is also associated with other activities that include pornographic websites, shady Web hosting, money mules, and other malware threats that steal information.

Technical Information

File System Details

Tinba creates the following file(s):
# File Name MD5 Detection Count
1 chk.exe 34c809f63528376356a5d85795f5ae22 224
2 cb32.exe e17606468f7070d63621e0ba3efacd05 6
3 bin.exe f6c5c74dd6805accbf57529b5214b3e0 4
4 WINLOGON.EXE 1e100c5435a8025e5bf471b09ec1a151 3
5 file.exe 08ab7f68c6b3a4a2a745cc244d41d213 1
More files

Registry Details

Tinba creates the following registry entry or registry entries:
Regexp file mask
%APPDATA%\AdobeChk\chk.exe

Related Posts

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.