yunsip | ea68d73867361ac96eec2924ef117605c8ab2569816cf3bdb71bf2718de1dd61 | Triage

Sharing

General

Target

5817c117042b344525e86cba96310090N.exe
Size

695KB
Sample

240820-kmbc8asepf
MD5

5817c117042b344525e86cba96310090
SHA1

e702640de13cc3d8281715ba3c40a6759f696bbb
SHA256

ea68d73867361ac96eec2924ef117605c8ab2569816cf3bdb71bf2718de1dd61
SHA512

787e0899d78b75f50ab920cee3ccc1b25c030e9eb1cee197e6092169f3ad1786f46ea6ad58bf013a95cdebdd22dcd3b32738f7adc94bfc40768580de2abbf330
SSDEEP

6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYH:o6RI1Fo/wT3cJYYYYYYYYYYYYH

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  5817c117042b344525e86cba96310090N.exe
- Size
  
  695KB
- MD5
  
  5817c117042b344525e86cba96310090
- SHA1
  
  e702640de13cc3d8281715ba3c40a6759f696bbb
- SHA256
  
  ea68d73867361ac96eec2924ef117605c8ab2569816cf3bdb71bf2718de1dd61
- SHA512
  
  787e0899d78b75f50ab920cee3ccc1b25c030e9eb1cee197e6092169f3ad1786f46ea6ad58bf013a95cdebdd22dcd3b32738f7adc94bfc40768580de2abbf330
- SSDEEP
  
  6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYH:o6RI1Fo/wT3cJYYYYYYYYYYYYH
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan