Description

• Probable Name: Tinba Trojan?
• MD5: 14010ce6f03e0a978693424d60e34ba9
• SHA1: 99ac7dbc9c680d685196a62d0358c773650d97b1
  
• SHA256: 8006cbd1c70b2ed096af9c72d6fef2c3e9cb0a4168540897967e5d3bbb2331bc
  

• Zip password: infected

• VirusTotal
• HybridAnalysis

• RobotHash

Timeline

Fri Apr 29 21:23:20 CEST 2016

Started win2

Fri Apr 29 21:42:37 CEST 2016

infected successfully

Analysis

It is using DGA, and is the fasted DGA I ever saw.

Sun May 1 10:56:23 CEST 2016

Restarted the windows because it stopped sending packets. It didn't worked.