Ursnif

GPTKB entity

Statements (48)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities gptkb:man-in-the-browser_attacks
credential theft
web injection
keylogging
spreading to other systems
gptkbp:alsoKnownAs gptkb:Gozi
gptkb:ISFB
gptkbp:area gptkb:Europe
gptkb:North_America
global
gptkbp:detects gptkb:security
gptkbp:discoveredBy 2007
gptkbp:distributedBy malicious websites
malicious email attachments
exploit kits
https://www.w3.org/2000/01/rdf-schema#label Ursnif
gptkbp:industry gptkb:government
healthcare sector
retail sector
gptkbp:lastMajorUpdate 2022
gptkbp:notableBattle gptkb:2016_Italian_banking_attacks
gptkb:2018_global_phishing_campaigns
gptkbp:notableFeature persistence mechanisms
code obfuscation
modular payloads
anti-analysis techniques
gptkbp:notableVariant gptkb:Dreambot
gptkb:IAP_malware
gptkbp:primaryUse data exfiltration
stealing banking credentials
gptkbp:programmingLanguage gptkb:assembly_language
gptkb:C++
gptkbp:relatedTo gptkb:Zeus_malware_family
gptkbp:removes manual removal
system restore
antivirus scan
gptkbp:sourceCodeLeaked 2015
gptkbp:status active
gptkbp:target gptkb:Windows_operating_system
gptkbp:threats high
gptkbp:usedBy cybercriminals
gptkbp:uses command and control servers
modular architecture
encrypted communication
gptkbp:usesMalware malware
gptkbp:bfsParent gptkb:Domain_Generation_Algorithm
gptkbp:bfsLayer 6