General
-
Target
SecuriteInfo.com.BScope.TrojanSpy.Ursnif.27559
-
Size
426KB
-
Sample
200626-xs19z3xc5a
-
MD5
95d3b622d696c1a31dbef624a2e47163
-
SHA1
8a1c5a4f794af421e7b54471ed7f4a62212721a0
-
SHA256
f84e08a4d83f63cb37f7117f401c242ecbd3ebbd6b7a12fb99332bcf5950f803
-
SHA512
c3ac8a246e7d769faa21f330c5c0a0fef4c4e33a6875478e43ee891f367e90fee3ea657b08ba338f6263e38b17efe69b7c5c1c86167afc871b9a20f251fd67d1
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BScope.TrojanSpy.Ursnif.27559.dll
Resource
win7
Malware Config
Targets
-
-
Target
SecuriteInfo.com.BScope.TrojanSpy.Ursnif.27559
Score
10/10
-
Blacklisted process makes network request
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service
-
Suspicious use of SetThreadContext
-