ursnif_rm3 | 75b120ff83b26c6ef8d2929be332e336ad5d56bd8e3d319d48a5e30827d432ab | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

300 seconds - Win. 7

windows7_x64

Sharing

General

Target

940ss029ds37d78.exe
Size

1.2MB
Sample

200505-wleydbd8gn
MD5

d7da16d450ecd75e565db4bafd2dff09
SHA1

ed14500a3eca325675fe5a1e865a38ccbf58abb7
SHA256

75b120ff83b26c6ef8d2929be332e336ad5d56bd8e3d319d48a5e30827d432ab
SHA512

12cdc3816796d44472785319bdb237ea74563544d658ae172337d9d11e915eddc5a9291df4847506652812fe6ae7e2e116d5de751b124edc9c85caa25af3cdd4

Score

10^/10

ursnif_rm3 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

940ss029ds37d78.exe

Resource

win7v200430

banker trojan ursnif_rm3

windows7_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  940ss029ds37d78.exe
- Size
  
  1.2MB
- MD5
  
  d7da16d450ecd75e565db4bafd2dff09
- SHA1
  
  ed14500a3eca325675fe5a1e865a38ccbf58abb7
- SHA256
  
  75b120ff83b26c6ef8d2929be332e336ad5d56bd8e3d319d48a5e30827d432ab
- SHA512
  
  12cdc3816796d44472785319bdb237ea74563544d658ae172337d9d11e915eddc5a9291df4847506652812fe6ae7e2e116d5de751b124edc9c85caa25af3cdd4
Score

10^/10

banker trojan ursnif_rm3
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankertrojanursnif_rm3

© 2018-2025

Terms | Privacy