yunsip | c0dfb23af5fda053445a6a1365d8850a37180cc5105a7712e51559b39db0de81 | Triage

Sharing

General

Target

3b8d5b1e7929e30478efdfa7a8a7baf5_JaffaCakes118
Size

219KB
Sample

241012-xhv82swbmf
MD5

3b8d5b1e7929e30478efdfa7a8a7baf5
SHA1

359cb20e5d775e97ba97ba268e83968b36f9cde0
SHA256

c0dfb23af5fda053445a6a1365d8850a37180cc5105a7712e51559b39db0de81
SHA512

92d2212a3e893bf71ca9d77e6a2a4c1f0e37c24cd7eef9a43cbdc7cb839fff66ff421ca8a6c0281a67e3c4789c749591779d0e440f117e91aad9337d966d8366
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0k:jDgtfRQUHPw06MoV2nwTBlhm8c

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  3b8d5b1e7929e30478efdfa7a8a7baf5_JaffaCakes118
- Size
  
  219KB
- MD5
  
  3b8d5b1e7929e30478efdfa7a8a7baf5
- SHA1
  
  359cb20e5d775e97ba97ba268e83968b36f9cde0
- SHA256
  
  c0dfb23af5fda053445a6a1365d8850a37180cc5105a7712e51559b39db0de81
- SHA512
  
  92d2212a3e893bf71ca9d77e6a2a4c1f0e37c24cd7eef9a43cbdc7cb839fff66ff421ca8a6c0281a67e3c4789c749591779d0e440f117e91aad9337d966d8366
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0k:jDgtfRQUHPw06MoV2nwTBlhm8c
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan