yunsip | ba678c387d73a2e864baaa1340ad0812c907dfd31a5d68e12e6c8676c6622fba | Triage

Sharing

General

Target

JaffaCakes118_ed24523f1e6058f95b50d673413175f0
Size

372KB
Sample

250212-e44hfaypar
MD5

ed24523f1e6058f95b50d673413175f0
SHA1

a598926bc8c1d85935d7395cdabd1a5de3591f14
SHA256

ba678c387d73a2e864baaa1340ad0812c907dfd31a5d68e12e6c8676c6622fba
SHA512

e841fa0e3f5d919d9d07fe0f46104dfe49f6a76b0ffcb94587578d2f930160659f743e63022a8ac4c2a3647c7521f7c1906c51d109fa9b205c4b7a620e2a4eb2
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0L:jDgtfRQUHPw06MoV2nwTBlhm8z

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_ed24523f1e6058f95b50d673413175f0
- Size
  
  372KB
- MD5
  
  ed24523f1e6058f95b50d673413175f0
- SHA1
  
  a598926bc8c1d85935d7395cdabd1a5de3591f14
- SHA256
  
  ba678c387d73a2e864baaa1340ad0812c907dfd31a5d68e12e6c8676c6622fba
- SHA512
  
  e841fa0e3f5d919d9d07fe0f46104dfe49f6a76b0ffcb94587578d2f930160659f743e63022a8ac4c2a3647c7521f7c1906c51d109fa9b205c4b7a620e2a4eb2
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0L:jDgtfRQUHPw06MoV2nwTBlhm8z
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
- Yunsip family
  yunsip
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan