How Ursnif Evolves to Keep Threatening Italy
Security Affairs
JUNE 11, 2019
This layer is quite different because it contains hexadecimal code padded with junk characters and XOR-encrypted with the key 0x52.
Figure 4: Ursnif loader communication.
In this case, the steganography technique is not the same as the one seen in the other branch; the malware also uses a layer of AES encryption.