Overview

overview

10

Static

static

3

3bc45b8adf...1N.dll

windows7-x64

10

3bc45b8adf...1N.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    102s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-10-2024 03:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3bc45b8adf83b531b4667a6d87617de27635d549c320b19a02d639b1ad335171N.dll

  • Size

    1.1MB

  • MD5

    27f902421967ef4b41bb4fcff9004df0

  • SHA1

    727d1172e0a7f956e46c6503fede8937c18f6f06

  • SHA256

    3bc45b8adf83b531b4667a6d87617de27635d549c320b19a02d639b1ad335171

  • SHA512

    fce9a12fdb2b5dacf21a9dbe2abd45b1826b057da458c9778df0fd5ce8f5fa222582fe6eb77e434a67fb62ee675dd17170deca46746a1a2d9ea7bc78afa5b02d

  • SSDEEP

    6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYY2:o6RI1Fo/wT3cJYYYYYYYYYYYY2

Score
10/10
yunsipbankerdiscoverytrojan

Malware Config

Signatures

  • Yunsip

    Remote backdoor which communicates with a C2 server to receive commands.

    trojanbankeryunsip
  • Yunsip family
    yunsip
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3bc45b8adf83b531b4667a6d87617de27635d549c320b19a02d639b1ad335171N.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:448
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3bc45b8adf83b531b4667a6d87617de27635d549c320b19a02d639b1ad335171N.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:4748

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads