Troj/Ursnif-T

Category: Viruses and Spyware Protection available since:09 Mar 2013 14:26:19 (GMT)
Type: Trojan Last Updated:09 Mar 2013 14:26:19 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Ursnif-T exhibits the following characteristics:

File Information

Size
222K
SHA-1
44af159ba6734280388faf07cafaf2d29216a441
MD5
9f8ab4160decc836ec7899bb9302950c
CRC-32
bc890c44
File type
Windows executable
First seen
2013-02-13

Runtime Analysis

Dropped Files
  • C:\149484.bat
    Size
    70
    SHA-1
    3a99ef97e04fc98afe9449ba604228bb900224e0
    MD5
    7db4a2ed201d2fe220d699a5f4f6816a
    CRC-32
    81be7f6d
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-03-09
  • C:\WINDOWS\system32\ntkrll32.dll
    Size
    58K
    SHA-1
    c3d1277a80c10d1e6b122557afa1a33acba4c1f0
    MD5
    ce83b253355de78f7b3b43d7ba26577a
    CRC-32
    cefa92e0
    File type
    Windows executable
    First seen
    2013-02-15
Registry Keys Created
  • HKCU\Software\AppDataLow\Software\Microsoft\Internet Explorer\Security\AntiPhishing\F05EEEEE-8F65-A215-9924-33F6DD98178A
    Group
    0x000004b2

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information