yunsip | 5d9e29b09d14b71818fce3c2fa45856f1f547165834aa48eba8a59a6d1bb4147 | Triage

Sharing

General

Target

5d9e29b09d14b71818fce3c2fa45856f1f547165834aa48eba8a59a6d1bb4147N
Size

598KB
Sample

240920-ajx3psygll
MD5

6e081c265f30c3f677e09439efe2bdd0
SHA1

fbfef188dcf25d803f17314aecd2e6e2f316b576
SHA256

5d9e29b09d14b71818fce3c2fa45856f1f547165834aa48eba8a59a6d1bb4147
SHA512

4060025f9df7bc3cd2e5f713362e679c3f5ab036953f76f503a57e16675358b323796f59234524c9dfe6cecd04088e5ea131cb12f9b81be685544acd142ae389
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0R:jDgtfRQUHPw06MoV2nwTBlhm8J

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  5d9e29b09d14b71818fce3c2fa45856f1f547165834aa48eba8a59a6d1bb4147N
- Size
  
  598KB
- MD5
  
  6e081c265f30c3f677e09439efe2bdd0
- SHA1
  
  fbfef188dcf25d803f17314aecd2e6e2f316b576
- SHA256
  
  5d9e29b09d14b71818fce3c2fa45856f1f547165834aa48eba8a59a6d1bb4147
- SHA512
  
  4060025f9df7bc3cd2e5f713362e679c3f5ab036953f76f503a57e16675358b323796f59234524c9dfe6cecd04088e5ea131cb12f9b81be685544acd142ae389
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0R:jDgtfRQUHPw06MoV2nwTBlhm8J
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan