yunsip | f62b855402a06410cb8e14b56b6009b2a3192855d86d4683c3202acd5665fa70 | Triage

Sharing

General

Target

f62b855402a06410cb8e14b56b6009b2a3192855d86d4683c3202acd5665fa70
Size

1.0MB
Sample

241020-ejadvszdlp
MD5

5a7e2963f65dc2f3645bb891397780f0
SHA1

18d70bea5e333440a0d470ce2219996eb622f834
SHA256

f62b855402a06410cb8e14b56b6009b2a3192855d86d4683c3202acd5665fa70
SHA512

c6f0c2e8726e4273a79637cfd4ed2bc551b7bb65dc19fe779fdb438f6f28b9da2d23f4f58d1fe7bf4bbcd48d993dfaba19e97af24d40157c92af9eb1151f039a
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0I:jDgtfRQUHPw06MoV2nwTBlhm8g

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  f62b855402a06410cb8e14b56b6009b2a3192855d86d4683c3202acd5665fa70
- Size
  
  1.0MB
- MD5
  
  5a7e2963f65dc2f3645bb891397780f0
- SHA1
  
  18d70bea5e333440a0d470ce2219996eb622f834
- SHA256
  
  f62b855402a06410cb8e14b56b6009b2a3192855d86d4683c3202acd5665fa70
- SHA512
  
  c6f0c2e8726e4273a79637cfd4ed2bc551b7bb65dc19fe779fdb438f6f28b9da2d23f4f58d1fe7bf4bbcd48d993dfaba19e97af24d40157c92af9eb1151f039a
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0I:jDgtfRQUHPw06MoV2nwTBlhm8g
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan