ursnif_rm3 | f4c0e5c6f0deef58b93fb675108501bdffca205910f15253fe007a399532d6e5 | Triage

Sharing

General

Target

l1o2c3o4m5o6t7i8v.exe
Size

453KB
Sample

200710-vvbcsawxba
MD5

ecee3f4d2b76bd477d527ab4afb664e0
SHA1

4939e3539b20d667bfc0803f9997065cd58e64be
SHA256

f4c0e5c6f0deef58b93fb675108501bdffca205910f15253fe007a399532d6e5
SHA512

76f314e0b6ff412022b5b49575ff6e09068086e940e2c0264aa91814fb8e4e65fcd2e35d6287e70972569ac4e179679b0c3e90f2e066313e8df823af56f4b4c7

Score

10^/10

ursnif_rm3 banker trojan

Malware Config

Targets

- Target
  
  l1o2c3o4m5o6t7i8v.exe
- Size
  
  453KB
- MD5
  
  ecee3f4d2b76bd477d527ab4afb664e0
- SHA1
  
  4939e3539b20d667bfc0803f9997065cd58e64be
- SHA256
  
  f4c0e5c6f0deef58b93fb675108501bdffca205910f15253fe007a399532d6e5
- SHA512
  
  76f314e0b6ff412022b5b49575ff6e09068086e940e2c0264aa91814fb8e4e65fcd2e35d6287e70972569ac4e179679b0c3e90f2e066313e8df823af56f4b4c7
Score

10^/10

banker trojan ursnif_rm3
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankertrojanursnif_rm3

behavioral2