Home / malware VirTool:Win32/Ursnif.B
First posted on 03 May 2016.
Source: MicrosoftAliases :
There are no other names known for VirTool:Win32/Ursnif.B.
Explanation :
Virtool:Win32/Ursnif.B is the detection for the system file 'termsrv.dll' when it has been modified by TrojanSpy:Win32/Ursnif.gen!H. A 'termsrv.dll' file detected as Virtool:Win32/Ursnif.B has the following functionalities disabled:
- Logging of clients
- Ability to verify a certificate trust chain
Analysis by Jaime WongLast update 03 May 2016
