Ursnif
Malware Misuses Common Operating System Commands to Perform Targeted Attacks
We previously posted a blog about the Ursnif family of malware using language checks to determine the end user’s location as a means of bypassing sandbox-based endpoint protection during regionally targeted attacks ...
Tricks and COMfoolery: How Ursnif Evades Detection
Ursnif is one of the main threats that is effectively evading detection right now (at publication). The dropper uses a COM technique to hide its process parentage. WMI is used to bypass ...