yunsip | c33d9c24a68e2f3ad8e1959dd55328e0bd5de397b2b6058a57ed05e2f0f1b649 | Triage

Submit
Reports

Overview

overview

Static

static

3

2b5245375e...18.dll

windows7-x64

2b5245375e...18.dll

windows10-2004-x64

Sharing

General

Target

2b5245375e9352b6dafb17fd3f8c573e_JaffaCakes118
Size

139KB
Sample

240708-ha44nayfnb
MD5

2b5245375e9352b6dafb17fd3f8c573e
SHA1

26a0c376e1a806c24c9e41b517ea7681ec3d101e
SHA256

c33d9c24a68e2f3ad8e1959dd55328e0bd5de397b2b6058a57ed05e2f0f1b649
SHA512

ea4b740730f81392fb8c7b5596d7616ce2822859bf1905e85088e199b5d2fc363dfd0bb6e6071b893b604fab04ed0ec0697dbc8718d37c3d7f11e8525e564656
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0Z:jDgtfRQUHPw06MoV2nwTBlhm8B

Score

10^/10

yunsip banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2b5245375e9352b6dafb17fd3f8c573e_JaffaCakes118.dll

Resource

win7-20240508-en

yunsip banker trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b5245375e9352b6dafb17fd3f8c573e_JaffaCakes118.dll

Resource

win10v2004-20240704-en

yunsip banker trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  2b5245375e9352b6dafb17fd3f8c573e_JaffaCakes118
- Size
  
  139KB
- MD5
  
  2b5245375e9352b6dafb17fd3f8c573e
- SHA1
  
  26a0c376e1a806c24c9e41b517ea7681ec3d101e
- SHA256
  
  c33d9c24a68e2f3ad8e1959dd55328e0bd5de397b2b6058a57ed05e2f0f1b649
- SHA512
  
  ea4b740730f81392fb8c7b5596d7616ce2822859bf1905e85088e199b5d2fc363dfd0bb6e6071b893b604fab04ed0ec0697dbc8718d37c3d7f11e8525e564656
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0Z:jDgtfRQUHPw06MoV2nwTBlhm8B
Score

10^/10

yunsip banker trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

yunsipbankertrojan

behavioral2

yunsipbankertrojan

© 2018-2024

Terms | Privacy