yunsip | d29e1b09adf66c9bf943b52a092df44a8a42398e38a61077d22289982c36ca6a | Triage

Sharing

General

Target

d29e1b09adf66c9bf943b52a092df44a8a42398e38a61077d22289982c36ca6aN
Size

504KB
Sample

241001-s6lmas1elb
MD5

6d265f444a361d83e69b35f1db70d130
SHA1

57d8c3beb7b90fdef825a3b3f5ffd29497316ef6
SHA256

d29e1b09adf66c9bf943b52a092df44a8a42398e38a61077d22289982c36ca6a
SHA512

a206b813f63a3d53e23120218473b21240fac3ea6f1e8275761548d4df66e84251e337595ec22f4648977291b3724d239f59a7ced1ed26f44db88db888b08db8
SSDEEP

3072:o6pU5Y1DXnbMn7Uzkop61/dAzV2O3XwTBftrm2YedGf3QKZDR:o6C5AXbMn7UI1FoV2gwTBlrIckPz

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  d29e1b09adf66c9bf943b52a092df44a8a42398e38a61077d22289982c36ca6aN
- Size
  
  504KB
- MD5
  
  6d265f444a361d83e69b35f1db70d130
- SHA1
  
  57d8c3beb7b90fdef825a3b3f5ffd29497316ef6
- SHA256
  
  d29e1b09adf66c9bf943b52a092df44a8a42398e38a61077d22289982c36ca6a
- SHA512
  
  a206b813f63a3d53e23120218473b21240fac3ea6f1e8275761548d4df66e84251e337595ec22f4648977291b3724d239f59a7ced1ed26f44db88db888b08db8
- SSDEEP
  
  3072:o6pU5Y1DXnbMn7Uzkop61/dAzV2O3XwTBftrm2YedGf3QKZDR:o6C5AXbMn7UI1FoV2gwTBlrIckPz
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan