|
gptkbp:instanceOf
|
malware
|
|
gptkbp:abilities
|
gptkb:man-in-the-browser_attacks
credential theft
web injection
keylogging
spreading to other systems
|
|
gptkbp:alsoKnownAs
|
gptkb:Gozi
gptkb:ISFB
|
|
gptkbp:area
|
gptkb:Europe
gptkb:North_America
global
|
|
gptkbp:detects
|
gptkb:security
|
|
gptkbp:discoveredBy
|
2007
|
|
gptkbp:distributedBy
|
malicious websites
malicious email attachments
exploit kits
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Ursnif
|
|
gptkbp:industry
|
gptkb:government
healthcare sector
retail sector
|
|
gptkbp:lastMajorUpdate
|
2022
|
|
gptkbp:notableBattle
|
gptkb:2016_Italian_banking_attacks
gptkb:2018_global_phishing_campaigns
|
|
gptkbp:notableFeature
|
persistence mechanisms
code obfuscation
modular payloads
anti-analysis techniques
|
|
gptkbp:notableVariant
|
gptkb:Dreambot
gptkb:IAP_malware
|
|
gptkbp:primaryUse
|
data exfiltration
stealing banking credentials
|
|
gptkbp:programmingLanguage
|
gptkb:assembly_language
gptkb:C++
|
|
gptkbp:relatedTo
|
gptkb:Zeus_malware_family
|
|
gptkbp:removes
|
manual removal
system restore
antivirus scan
|
|
gptkbp:sourceCodeLeaked
|
2015
|
|
gptkbp:status
|
active
|
|
gptkbp:target
|
gptkb:Windows_operating_system
|
|
gptkbp:threats
|
high
|
|
gptkbp:usedBy
|
cybercriminals
|
|
gptkbp:uses
|
command and control servers
modular architecture
encrypted communication
|
|
gptkbp:usesMalware
|
malware
|
|
gptkbp:bfsParent
|
gptkb:Domain_Generation_Algorithm
|
|
gptkbp:bfsLayer
|
6
|