S0386Windows

S0386Ursnif

Platforms
1
ATT&CK
14.1
References
5

Description

[Ursnif](https://attack.mitre.org/software/S0386) is a banking trojan and variant of the Gozi malware observed being spread through various automated exploit kits, [Spearphishing Attachment](https://attack.mitre.org/techniques/T1566/001)s, and malicious links.(Citation: NJCCIC Ursnif Sept 2016)(Citation: ProofPoint Ursnif Aug 2016) [Ursnif](https://attack.mitre.org/software/S0386) is associated primarily with data theft, but variants also include components (backdoors, spyware, file injectors, etc.) capable of a wide variety of behaviors.(Citation: TrendMicro Ursnif Mar 2015)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0386
  2. https://blog.trendmicro.com/trendlabs-security-intelligence/ursnif-the-multifaceted-malware/?_ga=2.165628854.808042651.1508120821-744063452.1505819992
  3. https://www.cyber.nj.gov/threat-profiles/trojan-variants/ursnif
  4. https://www.proofpoint.com/us/threat-insight/post/ursnif-variant-dreambot-adds-tor-functionality
  5. https://www.fireeye.com/blog/threat-research/2017/11/ursnif-variant-malicious-tls-callback-technique.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Dridex
Software
Azorult
Software
Emotet
Software
TrickBot
Software
SifreCikis
Software
USR0
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.