yunsip | 168f29f10d9d5bace166fe82fe0ae1d63e4de0658bc21e606e615e34f4555ab2 | Triage

Sharing

General

Target

168f29f10d9d5bace166fe82fe0ae1d63e4de0658bc21e606e615e34f4555ab2.dll
Size

181KB
Sample

240726-b2j48s1era
MD5

2b158e10981db4362648ff36f5050a32
SHA1

3c7559077170be28f204722fced4508626cca3ec
SHA256

168f29f10d9d5bace166fe82fe0ae1d63e4de0658bc21e606e615e34f4555ab2
SHA512

df169a20551cc5e30a0b258b96641486a9404d49f8f397177a6f37738430ab8cca8b8a245a5572a7cca69d2a6bb87afeb0edaaf701e025e16837c8ad681beff7
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0R:jDgtfRQUHPw06MoV2nwTBlhm8Z

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  168f29f10d9d5bace166fe82fe0ae1d63e4de0658bc21e606e615e34f4555ab2.dll
- Size
  
  181KB
- MD5
  
  2b158e10981db4362648ff36f5050a32
- SHA1
  
  3c7559077170be28f204722fced4508626cca3ec
- SHA256
  
  168f29f10d9d5bace166fe82fe0ae1d63e4de0658bc21e606e615e34f4555ab2
- SHA512
  
  df169a20551cc5e30a0b258b96641486a9404d49f8f397177a6f37738430ab8cca8b8a245a5572a7cca69d2a6bb87afeb0edaaf701e025e16837c8ad681beff7
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0R:jDgtfRQUHPw06MoV2nwTBlhm8Z
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan