yunsip | e9b4584396088b831238454897b1360b679bad19e65cadcbf80918d9b394a160 | Triage

Sharing

General

Target

11ae9b3ca80e49fd2ab33154643ec95c_JaffaCakes118
Size

375KB
Sample

241004-d7neyswfqd
MD5

11ae9b3ca80e49fd2ab33154643ec95c
SHA1

79605ac1f5e69c30ec70131bd30cda41bd62b78b
SHA256

e9b4584396088b831238454897b1360b679bad19e65cadcbf80918d9b394a160
SHA512

3b30446c53b431d5a585250693ca91ea539678b09db7fa4408db18325295d07885a9c5b3d7c1b65516ed5ec39c4fd99692cb51b6bd204185f42b4dd47da692f1
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0Y:jDgtfRQUHPw06MoV2nwTBlhm8A

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  11ae9b3ca80e49fd2ab33154643ec95c_JaffaCakes118
- Size
  
  375KB
- MD5
  
  11ae9b3ca80e49fd2ab33154643ec95c
- SHA1
  
  79605ac1f5e69c30ec70131bd30cda41bd62b78b
- SHA256
  
  e9b4584396088b831238454897b1360b679bad19e65cadcbf80918d9b394a160
- SHA512
  
  3b30446c53b431d5a585250693ca91ea539678b09db7fa4408db18325295d07885a9c5b3d7c1b65516ed5ec39c4fd99692cb51b6bd204185f42b4dd47da692f1
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0Y:jDgtfRQUHPw06MoV2nwTBlhm8A
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan