ursnif_rm3 | 5bd267095b25bea0d5a95b4d6c22b871056ca7b8dc137351850d6a577ba62b80 | Triage

Sharing

General

Target

5bd267095b25bea0d5a95b4d6c22b871056ca7b8dc137351850d6a577ba62b80.exe
Size

150KB
Sample

201209-g6smpr1gyx
MD5

a8864ed2fc43a52cb42127c37720c88e
SHA1

96a8f93afd9c2835ee1d22ab58cdd0399bfdfc21
SHA256

5bd267095b25bea0d5a95b4d6c22b871056ca7b8dc137351850d6a577ba62b80
SHA512

5502b38b0ca9921c9cf9c3667cef846f1f495302c89290ba7351c169cb50ad9153a7d097af9cc882a6d7353e7b118647a59a07aaa293c25dd243132f82e43deb

Score

10^/10

ursnif_rm3 banker trojan

Malware Config

Targets

- Target
  
  5bd267095b25bea0d5a95b4d6c22b871056ca7b8dc137351850d6a577ba62b80.exe
- Size
  
  150KB
- MD5
  
  a8864ed2fc43a52cb42127c37720c88e
- SHA1
  
  96a8f93afd9c2835ee1d22ab58cdd0399bfdfc21
- SHA256
  
  5bd267095b25bea0d5a95b4d6c22b871056ca7b8dc137351850d6a577ba62b80
- SHA512
  
  5502b38b0ca9921c9cf9c3667cef846f1f495302c89290ba7351c169cb50ad9153a7d097af9cc882a6d7353e7b118647a59a07aaa293c25dd243132f82e43deb
Score

10^/10

ursnif_rm3 banker trojan
- Ursnif RM3
  A heavily modified version of Ursnif discovered in the wild.
  banker trojan ursnif_rm3
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ursnif_rm3bankertrojan

behavioral2