yunsip | fbc0fe4b72f946aa65e886a445205ed9f553e32b658bb91020e42f83573f7d30 | Triage

Sharing

General

Target

759082c0631e1ba2078a3b85501565a0N.exe
Size

1.1MB
Sample

240818-vptmpavalf
MD5

759082c0631e1ba2078a3b85501565a0
SHA1

86dfa5c7a5d5e3e4257d36ec0a925c7944fda024
SHA256

fbc0fe4b72f946aa65e886a445205ed9f553e32b658bb91020e42f83573f7d30
SHA512

e6c373581b4e50fa0cc48a36cb38ffd05b7a8f7210e2c16185d7e7a1a60da405b9d4e18bc8cbaed61948b1b0ae14685ccc18a2c797970bf05eaa35828cb30677
SSDEEP

12288:jDgN6MoIwT3qOOOOOOOOOOOOOOOOOOOOOOU:jTtT3qOOOOOOOOOOOOOOOOOOOOOOU

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  759082c0631e1ba2078a3b85501565a0N.exe
- Size
  
  1.1MB
- MD5
  
  759082c0631e1ba2078a3b85501565a0
- SHA1
  
  86dfa5c7a5d5e3e4257d36ec0a925c7944fda024
- SHA256
  
  fbc0fe4b72f946aa65e886a445205ed9f553e32b658bb91020e42f83573f7d30
- SHA512
  
  e6c373581b4e50fa0cc48a36cb38ffd05b7a8f7210e2c16185d7e7a1a60da405b9d4e18bc8cbaed61948b1b0ae14685ccc18a2c797970bf05eaa35828cb30677
- SSDEEP
  
  12288:jDgN6MoIwT3qOOOOOOOOOOOOOOOOOOOOOOU:jTtT3qOOOOOOOOOOOOOOOOOOOOOOU
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan