Overview

overview

10

Static

static

3

cfcde4bdbb...0N.dll

windows7-x64

10

cfcde4bdbb...0N.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfcde4bdbbb0f23df9da9cc80b621dc0N.exe

  • Size

    1.0MB

  • Sample

    240817-c8zc6swemp

  • MD5

    cfcde4bdbbb0f23df9da9cc80b621dc0

  • SHA1

    5a9ed303294e1aca73419fe128944656b22e143d

  • SHA256

    7db9994078e5b84ab08ac964230fe4d603d0317e7cbb517878ec3fba1c43f09a

  • SHA512

    a0d3aa4027765c343752a13638ad36deb694a20ee3526cf32871988ebaf2c79b670304ec8fccd44240733b95c0058e72322300334561ab0f50af56e316e47bc7

  • SSDEEP

    6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYY6:o6RI1Fo/wT3cJYYYYYYYYYYYY6

Score
10/10
yunsipbankerdiscoverytrojan

Malware Config

Targets

    • Target

      cfcde4bdbbb0f23df9da9cc80b621dc0N.exe

    • Size

      1.0MB

    • MD5

      cfcde4bdbbb0f23df9da9cc80b621dc0

    • SHA1

      5a9ed303294e1aca73419fe128944656b22e143d

    • SHA256

      7db9994078e5b84ab08ac964230fe4d603d0317e7cbb517878ec3fba1c43f09a

    • SHA512

      a0d3aa4027765c343752a13638ad36deb694a20ee3526cf32871988ebaf2c79b670304ec8fccd44240733b95c0058e72322300334561ab0f50af56e316e47bc7

    • SSDEEP

      6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYY6:o6RI1Fo/wT3cJYYYYYYYYYYYY6

    Score
    10/10
    yunsipbankerdiscoverytrojan

    • Yunsip

      Remote backdoor which communicates with a C2 server to receive commands.

      trojanbankeryunsip
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks