yunsip | 6e85a04c0b8dea65d83ffc4dd5bb2085cc2a8eba4b9e87fadae1d08854bdd752 | Triage

Sharing

General

Target

6e85a04c0b8dea65d83ffc4dd5bb2085cc2a8eba4b9e87fadae1d08854bdd752.exe
Size

687KB
Sample

250216-wa339atphn
MD5

b4c750686c609bfde8cbc8a1ae38ef75
SHA1

9149bbdc4a8ac9c5e555fa837bbd34f55542ede5
SHA256

6e85a04c0b8dea65d83ffc4dd5bb2085cc2a8eba4b9e87fadae1d08854bdd752
SHA512

73da04a92621ed37be92aef9b37a1a0c809fe1b31236f20a883eac6b6e9228d4d9871879f906f7c81809c195c857e31ac728e17f625b06616d4d6d54856672be
SSDEEP

6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYE:o6RI1Fo/wT3cJYYYYYYYYYYYYE

Score

10^/10

yunsip banker discovery trojan

Malware Config

Targets

- Target
  
  6e85a04c0b8dea65d83ffc4dd5bb2085cc2a8eba4b9e87fadae1d08854bdd752.exe
- Size
  
  687KB
- MD5
  
  b4c750686c609bfde8cbc8a1ae38ef75
- SHA1
  
  9149bbdc4a8ac9c5e555fa837bbd34f55542ede5
- SHA256
  
  6e85a04c0b8dea65d83ffc4dd5bb2085cc2a8eba4b9e87fadae1d08854bdd752
- SHA512
  
  73da04a92621ed37be92aef9b37a1a0c809fe1b31236f20a883eac6b6e9228d4d9871879f906f7c81809c195c857e31ac728e17f625b06616d4d6d54856672be
- SSDEEP
  
  6144:o6C5AXbMn7UI1FoV2gwTBlrIckPJYYYYYYYYYYYYE:o6RI1Fo/wT3cJYYYYYYYYYYYYE
Score

10^/10

yunsip banker discovery trojan
- Yunsip
  Remote backdoor which communicates with a C2 server to receive commands.
  trojan banker yunsip
- Yunsip family
  yunsip
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

yunsipbankerdiscoverytrojan

behavioral2

yunsipbankerdiscoverytrojan