ursnif_rm3 | 1f4236670c3d92ca85fbe208a0ef57e1a24f1def32e341cf015cdb7ff1b070e1 | Triage

Sharing

General

Target

1f4236670c3d92ca85fbe208a0ef57e1a24f1def32e341cf015cdb7ff1b070e1
Size

230KB
Sample

200527-f17cymtjpa
MD5

e7eeabf6ffae57f6170360b9683af2ab
SHA1

f9cf5bffc9124dc0987c7174c73c7d8985827de7
SHA256

1f4236670c3d92ca85fbe208a0ef57e1a24f1def32e341cf015cdb7ff1b070e1
SHA512

7683a8226bac4f8997d290c6bb4a026e20b33b4041cd10f292b1115b4b9bdd2aa71c6a9cdf47979977b74ad6eacb3bc8d307f78f1417fbf82a20eeeb5bb25add

Score

10^/10

ursnif_rm3 banker trojan

Malware Config

Targets

- Target
  
  1f4236670c3d92ca85fbe208a0ef57e1a24f1def32e341cf015cdb7ff1b070e1
- Size
  
  230KB
- MD5
  
  e7eeabf6ffae57f6170360b9683af2ab
- SHA1
  
  f9cf5bffc9124dc0987c7174c73c7d8985827de7
- SHA256
  
  1f4236670c3d92ca85fbe208a0ef57e1a24f1def32e341cf015cdb7ff1b070e1
- SHA512
  
  7683a8226bac4f8997d290c6bb4a026e20b33b4041cd10f292b1115b4b9bdd2aa71c6a9cdf47979977b74ad6eacb3bc8d307f78f1417fbf82a20eeeb5bb25add
Score

10^/10

banker trojan ursnif_rm3
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankertrojanursnif_rm3

behavioral2