Overview

overview

10

Static

static

3

5817c11704...0N.dll

windows7-x64

10

5817c11704...0N.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5817c117042b344525e86cba96310090N.exe

  • Size

    695KB

  • Sample

    240820-kmbc8asepf

  • MD5

    5817c117042b344525e86cba96310090

  • SHA1

    e702640de13cc3d8281715ba3c40a6759f696bbb

  • SHA256

    ea68d73867361ac96eec2924ef117605c8ab2569816cf3bdb71bf2718de1dd61

  • SHA512

    787e0899d78b75f50ab920cee3ccc1b25c030e9eb1cee197e6092169f3ad1786f46ea6ad58bf013a95cdebdd22dcd3b32738f7adc94bfc40768580de2abbf330

  • SSDEEP

    6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYH:o6RI1Fo/wT3cJYYYYYYYYYYYYH

Score
10/10
yunsipbankerdiscoverytrojan

Malware Config

Targets

    • Target

      5817c117042b344525e86cba96310090N.exe

    • Size

      695KB

    • MD5

      5817c117042b344525e86cba96310090

    • SHA1

      e702640de13cc3d8281715ba3c40a6759f696bbb

    • SHA256

      ea68d73867361ac96eec2924ef117605c8ab2569816cf3bdb71bf2718de1dd61

    • SHA512

      787e0899d78b75f50ab920cee3ccc1b25c030e9eb1cee197e6092169f3ad1786f46ea6ad58bf013a95cdebdd22dcd3b32738f7adc94bfc40768580de2abbf330

    • SSDEEP

      6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYH:o6RI1Fo/wT3cJYYYYYYYYYYYYH

    Score
    10/10
    yunsipbankerdiscoverytrojan

    • Yunsip

      Remote backdoor which communicates with a C2 server to receive commands.

      trojanbankeryunsip
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks