Trojan.Spy.Ursnif is a Trojan designed to steal information and compromise the infected system. It is known to take a snapshot of processes and latch onto the browser. All major browsers, from Chrome and Firefox to Opera and Safari, are affected by this Trojan. It connects to a remote server using different host names. The request it sends to the remote server is given below:

GET /cgi-bin/cmd.cgi?user_id=2806922672&version_id=2037028&passphrase=fkjvhsdvlksdhvlsd&socks=0&version=2037028&crc=00000000 HTTP/1.1

The Trojan modifies registry entries so that it is executed every time the system is switched on. It also adds an exception to the Windows Firewall settings to ensure that it is not blocked, and it downloads into memory an encrypted buffer containing the names of bank websites, which it uses to steal account information and passwords.
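The request quoted above can be turned into a proxy-log check. The following is an added example, not part of the original page: it flags requests with the same path and parameter set and groups them by client, since the Trojan uses different host names. The log layout, the sample lines, and the value formats (decimal numeric fields, 8-hex-digit crc) are assumptions inferred from the single request shown.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Path and parameter names taken from the request quoted on this page.
BEACON_PATH = "/cgi-bin/cmd.cgi"
BEACON_PARAMS = ("user_id", "version_id", "passphrase", "socks", "version", "crc")
NUMERIC = ("user_id", "version_id", "socks", "version")  # assumed decimal

# Assumed log layout (constructed): client_ip host "METHOD target HTTP/x.y" status
LOG_LINE = re.compile(r'^(\S+) (\S+) "(?:GET|POST) (\S+) HTTP/\d\.\d" \d{3}$')


def match_beacon(target):
    """Return the beacon parameters if the request target has the quoted shape."""
    parts = urlsplit(target)
    if parts.path != BEACON_PATH:
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    if any(len(query.get(name, [])) != 1 for name in BEACON_PARAMS):
        return None  # a parameter is missing or repeated
    params = {name: query[name][0] for name in BEACON_PARAMS}
    if not all(params[name].isdigit() for name in NUMERIC):
        return None
    if not re.fullmatch(r"[0-9A-Fa-f]{8}", params["crc"]):
        return None  # assumed format: 8 hex digits, as in the sample
    return params


def scan(lines):
    """Map each client to the set of host names it sent a matching request to."""
    hits = defaultdict(set)
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m and match_beacon(m.group(3)):
            hits[m.group(1)].add(m.group(2))
    return dict(hits)


# Request target copied from the page; log lines around it are constructed.
PAGE_TARGET = ("/cgi-bin/cmd.cgi?user_id=2806922672&version_id=2037028"
               "&passphrase=fkjvhsdvlksdhvlsd&socks=0&version=2037028&crc=00000000")
SAMPLE = [
    f'10.0.0.21 a.example "GET {PAGE_TARGET} HTTP/1.1" 200',
    f'10.0.0.21 b.example "GET {PAGE_TARGET} HTTP/1.1" 200',
    '10.0.0.35 intranet.example "GET /cgi-bin/cmd.cgi?action=status HTTP/1.1" 200',
    '10.0.0.35 www.example "GET /index.html HTTP/1.1" 200',
]

if __name__ == "__main__":
    for client, hosts in scan(SAMPLE).items():
        print(client, sorted(hosts))
```

A client that sends this request to more than one host name is the stronger signal; a single match on a generic path such as cmd.cgi should be confirmed on the host before acting on it.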


Call DP Tech Group for your business IT needs. 630-372-0100
