yunsip | f4c8cf438a86e55655c0d646048e12ffa719f1855d8ea608a0ed91819480825c | Triage

Sharing

General

Target

139752081affd14b4eb87add1138bbfd_JaffaCakes118
Size

262KB
Sample

241004-q2p3taxclr
MD5

139752081affd14b4eb87add1138bbfd
SHA1

cf2e2cff69adc736563a8425842e305aac455617
SHA256

f4c8cf438a86e55655c0d646048e12ffa719f1855d8ea608a0ed91819480825c
SHA512

abca41b2ffae5d000f362a795345c49921f3f86dbb3762ce0cb6f1016967cf1648a0923a90a160af54eee28f842231950a2c5bf025f846c60b767a26ea7b5e9d
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0L:jDgtfRQUHPw06MoV2nwTBlhm8z

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  139752081affd14b4eb87add1138bbfd_JaffaCakes118
- Size
  
  262KB
- MD5
  
  139752081affd14b4eb87add1138bbfd
- SHA1
  
  cf2e2cff69adc736563a8425842e305aac455617
- SHA256
  
  f4c8cf438a86e55655c0d646048e12ffa719f1855d8ea608a0ed91819480825c
- SHA512
  
  abca41b2ffae5d000f362a795345c49921f3f86dbb3762ce0cb6f1016967cf1648a0923a90a160af54eee28f842231950a2c5bf025f846c60b767a26ea7b5e9d
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0L:jDgtfRQUHPw06MoV2nwTBlhm8z
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan