yunsip | dc421a569eb50882430824c6b69c2855eabe9232f29f4c2cbe83fcea901de127 | Triage

Sharing

General

Target

0efafa40b6c1d108cd25bf85f45595e4_JaffaCakes118
Size

295KB
Sample

241003-mj3dmszgna
MD5

0efafa40b6c1d108cd25bf85f45595e4
SHA1

bd531866b6ae8ba4aecd218cbff8c33e0685c746
SHA256

dc421a569eb50882430824c6b69c2855eabe9232f29f4c2cbe83fcea901de127
SHA512

db3a1a859911f47dcd9ab2b2622fa148f8e6a65caa37616dd1a877667483e399b3eb38d1029084d760660234b6632b3b106aa128d95928a0f5ddca9eb5c325ac
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0f:jDgtfRQUHPw06MoV2nwTBlhm8H

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  0efafa40b6c1d108cd25bf85f45595e4_JaffaCakes118
- Size
  
  295KB
- MD5
  
  0efafa40b6c1d108cd25bf85f45595e4
- SHA1
  
  bd531866b6ae8ba4aecd218cbff8c33e0685c746
- SHA256
  
  dc421a569eb50882430824c6b69c2855eabe9232f29f4c2cbe83fcea901de127
- SHA512
  
  db3a1a859911f47dcd9ab2b2622fa148f8e6a65caa37616dd1a877667483e399b3eb38d1029084d760660234b6632b3b106aa128d95928a0f5ddca9eb5c325ac
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0f:jDgtfRQUHPw06MoV2nwTBlhm8H
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan