yunsip | 87d54e799dec7801594dfa9da88d25bbb04f549b8f42e3da271aabccceec1114 | Triage

Sharing

General

Target

fa567a5cd68711bf218f49588279bf10N.exe
Size

693KB
Sample

240815-sylbkatekm
MD5

fa567a5cd68711bf218f49588279bf10
SHA1

3b613845ee3d7e2546fe6c0a9aba7119c93a851e
SHA256

87d54e799dec7801594dfa9da88d25bbb04f549b8f42e3da271aabccceec1114
SHA512

0ae2ca88db46b707c77deb0db33dc7b1654db7135a9cae28711678cafed314979fb6f5a2c96751dbd458d375bea9b9bb69bef73960112462a177f944ad14f7e9
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0S:jDgtfRQUHPw06MoV2nwTBlhm8q

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  fa567a5cd68711bf218f49588279bf10N.exe
- Size
  
  693KB
- MD5
  
  fa567a5cd68711bf218f49588279bf10
- SHA1
  
  3b613845ee3d7e2546fe6c0a9aba7119c93a851e
- SHA256
  
  87d54e799dec7801594dfa9da88d25bbb04f549b8f42e3da271aabccceec1114
- SHA512
  
  0ae2ca88db46b707c77deb0db33dc7b1654db7135a9cae28711678cafed314979fb6f5a2c96751dbd458d375bea9b9bb69bef73960112462a177f944ad14f7e9
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0S:jDgtfRQUHPw06MoV2nwTBlhm8q
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan