yunsip | 70c4bef8ca88f47d059d73cbbd6efb7db97107179b6067bf517adc6a7f3e76f8 | Triage

Sharing

General

Target

70c4bef8ca88f47d059d73cbbd6efb7db97107179b6067bf517adc6a7f3e76f8
Size

873KB
Sample

241016-1xfzfsvgmc
MD5

605fb559e758cbd450665fe71ab88c4f
SHA1

30dd72e7f361859e4dfd1d05b2fc6f7c473062a6
SHA256

70c4bef8ca88f47d059d73cbbd6efb7db97107179b6067bf517adc6a7f3e76f8
SHA512

e35edd3bc53ef692edc88e9807f86bdd898d467b3845328218457a01ba64adce0769a93092e506ad5255957c66436a96820665c8952eab36b941eaf6492d049f
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0D:jDgtfRQUHPw06MoV2nwTBlhm8b

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  70c4bef8ca88f47d059d73cbbd6efb7db97107179b6067bf517adc6a7f3e76f8
- Size
  
  873KB
- MD5
  
  605fb559e758cbd450665fe71ab88c4f
- SHA1
  
  30dd72e7f361859e4dfd1d05b2fc6f7c473062a6
- SHA256
  
  70c4bef8ca88f47d059d73cbbd6efb7db97107179b6067bf517adc6a7f3e76f8
- SHA512
  
  e35edd3bc53ef692edc88e9807f86bdd898d467b3845328218457a01ba64adce0769a93092e506ad5255957c66436a96820665c8952eab36b941eaf6492d049f
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0D:jDgtfRQUHPw06MoV2nwTBlhm8b
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan