Powered by Zoomin Software. For more details please contactZoomin

Flowmon ADS BPATTERNS Description

Table of Contents

URSNIF_BankingTrojan - description

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: May 1, 2026
  • 1 minute read
    • Flowmon Products
    • Flowmon Anomaly Detection System
    • Documentation

Sources:

Tax-themed spam campaign targeting North American taxpayers with URSNIF malware

URSNIF distribution through hijacked email reply chains

URSNIF is a banking trojan that primarily targets American taxpayers.

Attackers distribute this malware through phishing emails containing URLs that download zip archives with Visual Basic scripts. These scripts then download executable files. Once installed, URSNIF injects malicious code into websites the victim visits and steals user credentials.

Flowmon ADS detects download sites and communication with command and control servers.

URSNIF banking trojan detection in Flowmon ADS
URSNIF banking trojan detection in Flowmon ADS

TitleResults for “How to create a CRG?”Also Available inAlert