yunsip | ccd6b836a5f68435029fcd0d6e6672469e13912784b3cb61766369adf136162e | Triage

Sharing

General

Target

2d514e186b8ff7a59685d10fa8460804_JaffaCakes118
Size

255KB
Sample

241009-jfgqzsydrf
MD5

2d514e186b8ff7a59685d10fa8460804
SHA1

09deab99b12c9e6fe57f07fbb925df25692e4e9d
SHA256

ccd6b836a5f68435029fcd0d6e6672469e13912784b3cb61766369adf136162e
SHA512

ad9a68940e5447e370c9023b7a42619147496c031d9e9812e58f149d35756276b6b9f18d6ab00b4add86241456258d37c365dfe09f987a114971bc1d70cbdb79
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0e:jDgtfRQUHPw06MoV2nwTBlhm8m

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  2d514e186b8ff7a59685d10fa8460804_JaffaCakes118
- Size
  
  255KB
- MD5
  
  2d514e186b8ff7a59685d10fa8460804
- SHA1
  
  09deab99b12c9e6fe57f07fbb925df25692e4e9d
- SHA256
  
  ccd6b836a5f68435029fcd0d6e6672469e13912784b3cb61766369adf136162e
- SHA512
  
  ad9a68940e5447e370c9023b7a42619147496c031d9e9812e58f149d35756276b6b9f18d6ab00b4add86241456258d37c365dfe09f987a114971bc1d70cbdb79
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0e:jDgtfRQUHPw06MoV2nwTBlhm8m
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan