yunsip | 37eb0a8cdac8124adac82bbd7c6331b36db3bc46c510fe8cea74451666c5231a | Triage

Sharing

General

Target

f4f2fb1616b7ac5d4de49aca70972c10N.exe
Size

1.0MB
Sample

240804-vn422avcrb
MD5

f4f2fb1616b7ac5d4de49aca70972c10
SHA1

431977ae9b1060311e78f935d3c4266ba1eb4f7f
SHA256

37eb0a8cdac8124adac82bbd7c6331b36db3bc46c510fe8cea74451666c5231a
SHA512

16cc66c90bfa3567f8a606077bf713473548204f5bb7f16c757773fceb3fbd075452bf478b2b01d3c7b16a61d7fb1c74be044b4bb6e9ab39ca67aac017c53da1
SSDEEP

6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYY6:o6RI1Fo/wT3cJYYYYYYYYYYYY6

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  f4f2fb1616b7ac5d4de49aca70972c10N.exe
- Size
  
  1.0MB
- MD5
  
  f4f2fb1616b7ac5d4de49aca70972c10
- SHA1
  
  431977ae9b1060311e78f935d3c4266ba1eb4f7f
- SHA256
  
  37eb0a8cdac8124adac82bbd7c6331b36db3bc46c510fe8cea74451666c5231a
- SHA512
  
  16cc66c90bfa3567f8a606077bf713473548204f5bb7f16c757773fceb3fbd075452bf478b2b01d3c7b16a61d7fb1c74be044b4bb6e9ab39ca67aac017c53da1
- SSDEEP
  
  6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYY6:o6RI1Fo/wT3cJYYYYYYYYYYYY6
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan