yunsip | cb7e4c3078f07315ef2c27581e55ace30b1eebbeff6ab19a0461e5829126b413 | Triage

Sharing

General

Target

LisectAVT_2403002C_20.dll
Size

567KB
Sample

240725-b7npls1cml
MD5

65deb07195f409b9bf6c3fd929ce2d6a
SHA1

04c6c9ffe45f7c69fa99186e85d6444abfbcf700
SHA256

cb7e4c3078f07315ef2c27581e55ace30b1eebbeff6ab19a0461e5829126b413
SHA512

ffc7a343abea59bbabe2a38bff447f64ddc75a78988829030001ac335a2a30fec9d2ee0f07ca01a26e0c97e10fd93bc9df447f0b31992df2e262f3b6baee50bc
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0:jDgtfRQUHPw06MoV2nwTBlhm8

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  LisectAVT_2403002C_20.dll
- Size
  
  567KB
- MD5
  
  65deb07195f409b9bf6c3fd929ce2d6a
- SHA1
  
  04c6c9ffe45f7c69fa99186e85d6444abfbcf700
- SHA256
  
  cb7e4c3078f07315ef2c27581e55ace30b1eebbeff6ab19a0461e5829126b413
- SHA512
  
  ffc7a343abea59bbabe2a38bff447f64ddc75a78988829030001ac335a2a30fec9d2ee0f07ca01a26e0c97e10fd93bc9df447f0b31992df2e262f3b6baee50bc
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0:jDgtfRQUHPw06MoV2nwTBlhm8
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan