yunsip | d6af413494ae5d589ee8a1614fdfb9e63ed60995654e820ce21ba6395612685f | Triage

Sharing

General

Target

d6af413494ae5d589ee8a1614fdfb9e63ed60995654e820ce21ba6395612685fN.exe
Size

1.1MB
Sample

240924-t6slaaxama
MD5

7670e5929cb79005cfd1ddead4437290
SHA1

1ea225509e876b6aa952fb60b6b706008c0f427f
SHA256

d6af413494ae5d589ee8a1614fdfb9e63ed60995654e820ce21ba6395612685f
SHA512

665db5ef71361de213b5c62ccba7a390e86d90f13d572801226f746e349a1ee5d4e12f7713bc5c4a894f081eb957c3760f4f81a91d365c482321474bb1817e38
SSDEEP

12288:jDgN6MoIwT3qOOOOOOOOOOOOOOOOOOOOOOi:jTtT3qOOOOOOOOOOOOOOOOOOOOOOi

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  d6af413494ae5d589ee8a1614fdfb9e63ed60995654e820ce21ba6395612685fN.exe
- Size
  
  1.1MB
- MD5
  
  7670e5929cb79005cfd1ddead4437290
- SHA1
  
  1ea225509e876b6aa952fb60b6b706008c0f427f
- SHA256
  
  d6af413494ae5d589ee8a1614fdfb9e63ed60995654e820ce21ba6395612685f
- SHA512
  
  665db5ef71361de213b5c62ccba7a390e86d90f13d572801226f746e349a1ee5d4e12f7713bc5c4a894f081eb957c3760f4f81a91d365c482321474bb1817e38
- SSDEEP
  
  12288:jDgN6MoIwT3qOOOOOOOOOOOOOOOOOOOOOOi:jTtT3qOOOOOOOOOOOOOOOOOOOOOOi
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan