yunsip | d410bf9b0b47daef48f0ee8fb2359190b73a674ca1df958bd86690f5d7ea8c9c | Triage

Sharing

General

Target

d410bf9b0b47daef48f0ee8fb2359190b73a674ca1df958bd86690f5d7ea8c9cN
Size

1.1MB
Sample

241017-12qdpaserm
MD5

04a18842ea0f40c06c48785257315ee0
SHA1

f9f8b6d80d654d2a9b19a486b7b8df1de1ec3de6
SHA256

d410bf9b0b47daef48f0ee8fb2359190b73a674ca1df958bd86690f5d7ea8c9c
SHA512

5e55760ac00d75b9c4da6a9fc92610f658f1adf2c0c5e4d206f82cff94682a754e3d0a6e881aca2a55a197f1027a7df1b5a9ae92d7905f21851a13007751cafe
SSDEEP

6144:jDgtfRQUHPw06MoV2nwTBlhm8zDgtfRQUHPw06MoV2nwTBlhm8Y:jDgN6MoIwT3vDgN6MoIwT3k

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  d410bf9b0b47daef48f0ee8fb2359190b73a674ca1df958bd86690f5d7ea8c9cN
- Size
  
  1.1MB
- MD5
  
  04a18842ea0f40c06c48785257315ee0
- SHA1
  
  f9f8b6d80d654d2a9b19a486b7b8df1de1ec3de6
- SHA256
  
  d410bf9b0b47daef48f0ee8fb2359190b73a674ca1df958bd86690f5d7ea8c9c
- SHA512
  
  5e55760ac00d75b9c4da6a9fc92610f658f1adf2c0c5e4d206f82cff94682a754e3d0a6e881aca2a55a197f1027a7df1b5a9ae92d7905f21851a13007751cafe
- SSDEEP
  
  6144:jDgtfRQUHPw06MoV2nwTBlhm8zDgtfRQUHPw06MoV2nwTBlhm8Y:jDgN6MoIwT3vDgN6MoIwT3k
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan