yunsip | bd12685e798f9fdbefd84d62cda1c069bec18fb04f0dea1833f8b86661c2b7b4 | Triage

Sharing

General

Target

6914fcf36cf234081744faa4fb8467d0N.exe
Size

998KB
Sample

240819-rwlnwashjk
MD5

6914fcf36cf234081744faa4fb8467d0
SHA1

abb379b1eb13a01ee238998cc65f89b6ebe2ddd6
SHA256

bd12685e798f9fdbefd84d62cda1c069bec18fb04f0dea1833f8b86661c2b7b4
SHA512

6e47fa24c59c5188ed551fafb1e0e4da69a3f23d6bb845ab9c00cdf4dd5b2967089787327c819d4bd689166c0aad5c74de73156b2743ad35b9e3620a3ced9e2c
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0/:jDgtfRQUHPw06MoV2nwTBlhm8H

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  6914fcf36cf234081744faa4fb8467d0N.exe
- Size
  
  998KB
- MD5
  
  6914fcf36cf234081744faa4fb8467d0
- SHA1
  
  abb379b1eb13a01ee238998cc65f89b6ebe2ddd6
- SHA256
  
  bd12685e798f9fdbefd84d62cda1c069bec18fb04f0dea1833f8b86661c2b7b4
- SHA512
  
  6e47fa24c59c5188ed551fafb1e0e4da69a3f23d6bb845ab9c00cdf4dd5b2967089787327c819d4bd689166c0aad5c74de73156b2743ad35b9e3620a3ced9e2c
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0/:jDgtfRQUHPw06MoV2nwTBlhm8H
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan