ursnif_rm3 | 76c8a9dbff9b571500729611595f1a1bce8dab543922d731c3bb42af5477f517 | Triage

Sharing

General

Target

76c8a9dbff9b571500729611595f1a1bce8dab543922d731c3bb42af5477f517
Size

459KB
Sample

201027-yd3ja2tnvn
MD5

165764b4314eea6105dcb41e02a0bea4
SHA1

9e9218fa0b3d51ed02185658a5290200b7ced108
SHA256

76c8a9dbff9b571500729611595f1a1bce8dab543922d731c3bb42af5477f517
SHA512

641477979c2484bd5101e537bea96001bcc93737b0945d26ab4ddc6d748653dce5f09655e0f6dec002c6f16aa2918dcfc77912b5c06323adee47c807de52adc6

Score

10^/10

ursnif_rm3 banker trojan

Malware Config

Targets

- Target
  
  76c8a9dbff9b571500729611595f1a1bce8dab543922d731c3bb42af5477f517
- Size
  
  459KB
- MD5
  
  165764b4314eea6105dcb41e02a0bea4
- SHA1
  
  9e9218fa0b3d51ed02185658a5290200b7ced108
- SHA256
  
  76c8a9dbff9b571500729611595f1a1bce8dab543922d731c3bb42af5477f517
- SHA512
  
  641477979c2484bd5101e537bea96001bcc93737b0945d26ab4ddc6d748653dce5f09655e0f6dec002c6f16aa2918dcfc77912b5c06323adee47c807de52adc6
Score

10^/10

banker trojan ursnif_rm3
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bankertrojanursnif_rm3

behavioral2