yunsip | aec2f7d5b536575616385aa91e8695615bc709caa1048dc62000dee2b85e53e7 | Triage

Sharing

General

Target

aec2f7d5b536575616385aa91e8695615bc709caa1048dc62000dee2b85e53e7N.exe
Size

402KB
Sample

250215-28x8jszjeq
MD5

78bb27f26868c17a54e8c190a6ee9380
SHA1

3e2894ed9233426fad2159f146bea8fb5d6a7ed0
SHA256

aec2f7d5b536575616385aa91e8695615bc709caa1048dc62000dee2b85e53e7
SHA512

0af18bac3aa8242bd1830ff897b7cf7b289f1ac66a961f6025c7d62e205ac9b0194fa7889779d0a61b54f0577fcfde79615e54c5359917007bcb2b97b1d5d491
SSDEEP

3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0w:jDgtfRQUHPw06MoV2nwTBlhm8I

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  aec2f7d5b536575616385aa91e8695615bc709caa1048dc62000dee2b85e53e7N.exe
- Size
  
  402KB
- MD5
  
  78bb27f26868c17a54e8c190a6ee9380
- SHA1
  
  3e2894ed9233426fad2159f146bea8fb5d6a7ed0
- SHA256
  
  aec2f7d5b536575616385aa91e8695615bc709caa1048dc62000dee2b85e53e7
- SHA512
  
  0af18bac3aa8242bd1830ff897b7cf7b289f1ac66a961f6025c7d62e205ac9b0194fa7889779d0a61b54f0577fcfde79615e54c5359917007bcb2b97b1d5d491
- SSDEEP
  
  3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0w:jDgtfRQUHPw06MoV2nwTBlhm8I
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
- Yunsip family
  yunsip
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan