ursnif_rm3 | 2e0b219c5ac3285a08e126f11c07ea3ac60bc96d16d37c2dc24dd8f68c492a74 | Triage

Sharing

General

Target

2e0b219c5ac3285a08e126f11c07ea3ac60bc96d16d37c2dc24dd8f68c492a74
Size

238KB
Sample

201014-v17jylj4zs
MD5

8ca2ae6ba5d55eb76144d6d82a635fd4
SHA1

0aef91a0009decb8ba191109c4ffa086800fa153
SHA256

2e0b219c5ac3285a08e126f11c07ea3ac60bc96d16d37c2dc24dd8f68c492a74
SHA512

800a2ade883b557e234eb29ca97cc41f6b69b3668513476aa0b3d1fbfc9aa7121a7d432076bd2cf674cd295a6592d4019906c0446bc00b7577555be4e3cbf662

Score

10^/10

ursnif_rm3 banker trojan

Malware Config

Targets

- Target
  
  2e0b219c5ac3285a08e126f11c07ea3ac60bc96d16d37c2dc24dd8f68c492a74
- Size
  
  238KB
- MD5
  
  8ca2ae6ba5d55eb76144d6d82a635fd4
- SHA1
  
  0aef91a0009decb8ba191109c4ffa086800fa153
- SHA256
  
  2e0b219c5ac3285a08e126f11c07ea3ac60bc96d16d37c2dc24dd8f68c492a74
- SHA512
  
  800a2ade883b557e234eb29ca97cc41f6b69b3668513476aa0b3d1fbfc9aa7121a7d432076bd2cf674cd295a6592d4019906c0446bc00b7577555be4e3cbf662
Score

10^/10

banker trojan ursnif_rm3
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankertrojanursnif_rm3

behavioral2