Rule Library

Sigma Rules

4 rules found for "Ursnif"

3,731Total

3,132Detection

457Emerging

139Hunting

Filters

Type

Severity

Status

Product

Category

Emerging Threatcriticalstable

Ursnif Malware C2 URL Pattern

Detects Ursnif C2 traffic.

Thomas PatzkeThu Dec 192019

Emerging Threathighstable

Ursnif Malware Download URL Pattern

Detects download of Ursnif malware done by dropper documents.

Thomas PatzkeThu Dec 192019

Emerging Threathightest

Potential Ursnif Malware Activity - Registry

Detects registry keys related to Ursnif malware.

WindowsRegistry Add

megan201296Wed Feb 132019

Emerging Threathightest

Ursnif Redirection Of Discovery Commands

Detects the redirection of Ursnif discovery commands as part of the initial execution of the malware.

WindowsProcess Creation

kostastsaleSun Jul 162023