General

  • Target

    ri0tv5.rar

  • Size

    832KB

  • MD5

    f0a504aa728922406552dbfddd18df23

  • SHA1

    bbf74ca4d09e057fe52ab6c650516cc78eea4881

  • SHA256

    05a94d1304980d2e35eea2b683a5c94ac7e82d90769ef3cc9512e0c11872f7a4

  • SHA512

    adbe33e68e4d1d5dcb5a33377be8fe6a2bc27b78f868ae6036119d88eaf9d93799dd246d001ccfb64f899da8e70a914242fafed53a13166bde20bfbb549d2177

  • SSDEEP

    24576:gYzTciSvHztPvn4xiaqT746eciCvHztPvA3GNRSIq:gYzNOHzt2O746ueHztb5q

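Score
1/10 (sandbox behavioural score; the file list below is almost entirely C/C++ source, headers and Visual Studio project files, so this low score likely reflects that nothing was executed during analysis rather than an assessment of what the code does once built)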

Malware Config

Signatures

Files

  • ri0tv5.rar
    .rar

    Password: infected

  • ri0t[v5]/MSNMessengerAPI.tlb
  • ri0t[v5]/build.cmd
  • ri0t[v5]/configs.h
  • ri0t[v5]/cpp/advscan.cpp
  • ri0t[v5]/cpp/aliaslog.cpp
  • ri0t[v5]/cpp/autostart.cpp
  • ri0t[v5]/cpp/avirus.cpp
  • ri0t[v5]/cpp/cdkeys.cpp
  • ri0t[v5]/cpp/commands.cpp
  • ri0t[v5]/cpp/connect.cpp
  • ri0t[v5]/cpp/crc32.cpp
  • ri0t[v5]/cpp/crypt.cpp
  • ri0t[v5]/cpp/dcom2.cpp
  • ri0t[v5]/cpp/download.cpp
  • ri0t[v5]/cpp/driveinfo.cpp
  • ri0t[v5]/cpp/ehandler.cpp
  • ri0t[v5]/cpp/findfile.cpp
  • ri0t[v5]/cpp/firefox.cpp
  • ri0t[v5]/cpp/fphost.cpp
  • ri0t[v5]/cpp/ftptransfer.cpp
  • ri0t[v5]/cpp/httpd.cpp
  • ri0t[v5]/cpp/icmpflood.cpp
  • ri0t[v5]/cpp/ident.cpp
  • ri0t[v5]/cpp/irc_send.cpp
  • ri0t[v5]/cpp/keylogger.cpp
  • ri0t[v5]/cpp/loaddlls.cpp
  • ri0t[v5]/cpp/misc.cpp
    .vbs
  • ri0t[v5]/cpp/msn.cpp
  • ri0t[v5]/cpp/net.cpp
  • ri0t[v5]/cpp/netutils.cpp
  • ri0t[v5]/cpp/peer2peer.cpp
  • ri0t[v5]/cpp/persist.cpp
  • ri0t[v5]/cpp/pingudp.cpp
  • ri0t[v5]/cpp/processes.cpp
  • ri0t[v5]/cpp/protocol.cpp
  • ri0t[v5]/cpp/psniff.cpp
  • ri0t[v5]/cpp/pstore.cpp
  • ri0t[v5]/cpp/remotecmd.cpp
  • ri0t[v5]/cpp/ri0t.cpp
  • ri0t[v5]/cpp/rndnick.cpp
  • ri0t[v5]/cpp/rootkit.cpp
  • ri0t[v5]/cpp/sandbust.cpp
  • ri0t[v5]/cpp/session.cpp
  • ri0t[v5]/cpp/shellcode.cpp
  • ri0t[v5]/cpp/slimftp.cpp
  • ri0t[v5]/cpp/startup.cpp
  • ri0t[v5]/cpp/sysinfo.cpp
  • ri0t[v5]/cpp/tftpd.cpp
  • ri0t[v5]/cpp/threads.cpp
  • ri0t[v5]/cpp/usb.cpp
  • ri0t[v5]/cpp/visit.cpp
  • ri0t[v5]/cpp/vnc.cpp
  • ri0t[v5]/cpp/wildcard.cpp
  • ri0t[v5]/docs/Instructions.txt
  • ri0t[v5]/docs/bot2dll/BIN2C.COM
  • ri0t[v5]/docs/bot2dll/bot2dll.dsp
  • ri0t[v5]/docs/bot2dll/bot2dll.dsw
  • ri0t[v5]/docs/bot2dll/build.cmd
  • ri0t[v5]/docs/bot2dll/dll.cpp
  • ri0t[v5]/docs/bot2dll/ext.h
  • ri0t[v5]/docs/bot2dll/main.cpp
  • ri0t[v5]/docs/commands.txt
  • ri0t[v5]/docs/features.txt
  • ri0t[v5]/h/IPHlpApi.h
  • ri0t[v5]/h/LM.h
  • ri0t[v5]/h/LMat.h
  • ri0t[v5]/h/advscan.h
  • ri0t[v5]/h/aliaslog.h
  • ri0t[v5]/h/autostart.h
  • ri0t[v5]/h/avirus.h
  • ri0t[v5]/h/capture.h
  • ri0t[v5]/h/cdkeys.h
  • ri0t[v5]/h/commands.h
  • ri0t[v5]/h/connect.h
  • ri0t[v5]/h/crc32.h
  • ri0t[v5]/h/crypt.h
  • ri0t[v5]/h/d3des.c
  • ri0t[v5]/h/dcom2.h
  • ri0t[v5]/h/ddos.h
  • ri0t[v5]/h/defines.h
  • ri0t[v5]/h/download.h
  • ri0t[v5]/h/driveinfo.h
  • ri0t[v5]/h/ehandler.h
  • ri0t[v5]/h/externs.h
  • ri0t[v5]/h/findfile.h
  • ri0t[v5]/h/firefox.h
  • ri0t[v5]/h/fphost.h
  • ri0t[v5]/h/ftptransfer.h
  • ri0t[v5]/h/functions.h
  • ri0t[v5]/h/global.h
  • ri0t[v5]/h/globals.h
  • ri0t[v5]/h/httpd.h
  • ri0t[v5]/h/icmpflood.h
  • ri0t[v5]/h/ident.h
  • ri0t[v5]/h/includes.h
  • ri0t[v5]/h/irc_send.h
  • ri0t[v5]/h/keylogger.h
  • ri0t[v5]/h/loaddlls.h
  • ri0t[v5]/h/misc.h
  • ri0t[v5]/h/msn.h
  • ri0t[v5]/h/net.h
  • ri0t[v5]/h/netutils.h
  • ri0t[v5]/h/nicklist.h
  • ri0t[v5]/h/passwd.h
  • ri0t[v5]/h/peer2peer.h
  • ri0t[v5]/h/processes.h
  • ri0t[v5]/h/protocol.h
  • ri0t[v5]/h/psniff.h
  • ri0t[v5]/h/remotecmd.h
  • ri0t[v5]/h/ri0t.h
  • ri0t[v5]/h/rndnick.h
  • ri0t[v5]/h/rootkit.h
  • ri0t[v5]/h/sandbust.h
  • ri0t[v5]/h/secure.h
  • ri0t[v5]/h/session.h
  • ri0t[v5]/h/shellcode.h
  • ri0t[v5]/h/slimftp.h
  • ri0t[v5]/h/startup.h
  • ri0t[v5]/h/sysinfo.h
  • ri0t[v5]/h/tcpip.h
  • ri0t[v5]/h/tftpd.h
  • ri0t[v5]/h/threads.h
  • ri0t[v5]/h/usb.h
  • ri0t[v5]/h/utility.h
  • ri0t[v5]/h/visit.h
  • ri0t[v5]/h/vnc.h
  • ri0t[v5]/h/wildcard.h
  • ri0t[v5]/h/windns.h
  • ri0t[v5]/jpg.ico
  • ri0t[v5]/msn/MSNMessengerAPI.tlb
  • ri0t[v5]/msn/MSNMessengerAPI.tlh
  • ri0t[v5]/msn/MSNMessengerAPI.tli
  • ri0t[v5]/msn/msnsend.cpp
  • ri0t[v5]/msn/msnsend.h
  • ri0t[v5]/msn/zip.cpp
  • ri0t[v5]/msn/zip.h
  • ri0t[v5]/res.aps
  • ri0t[v5]/res.rc
  • ri0t[v5]/ri0t.dsp
  • ri0t[v5]/ri0t.dsw
  • ri0t[v5]/ri0t.ncb
  • ri0t[v5]/ri0t.opt
  • ri0t[v5]/ri0t.plg
    .html
  • ri0t[v5]/ri0t[v5]/Debug/MSNMessengerAPI.tlh
  • ri0t[v5]/ri0t[v5]/Debug/MSNMessengerAPI.tli
  • ri0t[v5]/ri0t[v5]/Debug/pstorec.tlh
  • ri0t[v5]/ri0t[v5]/Debug/pstorec.tli
  • ri0t[v5]/ri0t[v5]/MSNMessengerAPI.tlb
  • ri0t[v5]/ri0t[v5]/build.cmd
  • ri0t[v5]/ri0t[v5]/configs.h
  • ri0t[v5]/ri0t[v5]/cpp/advscan.cpp
  • ri0t[v5]/ri0t[v5]/cpp/aliaslog.cpp
  • ri0t[v5]/ri0t[v5]/cpp/autostart.cpp
  • ri0t[v5]/ri0t[v5]/cpp/avirus.cpp
  • ri0t[v5]/ri0t[v5]/cpp/cdkeys.cpp
  • ri0t[v5]/ri0t[v5]/cpp/commands.cpp
  • ri0t[v5]/ri0t[v5]/cpp/connect.cpp
  • ri0t[v5]/ri0t[v5]/cpp/crc32.cpp
  • ri0t[v5]/ri0t[v5]/cpp/crypt.cpp
  • ri0t[v5]/ri0t[v5]/cpp/dcom2.cpp
  • ri0t[v5]/ri0t[v5]/cpp/download.cpp
  • ri0t[v5]/ri0t[v5]/cpp/driveinfo.cpp
  • ri0t[v5]/ri0t[v5]/cpp/ehandler.cpp
  • ri0t[v5]/ri0t[v5]/cpp/findfile.cpp
  • ri0t[v5]/ri0t[v5]/cpp/firefox.cpp
  • ri0t[v5]/ri0t[v5]/cpp/fphost.cpp
  • ri0t[v5]/ri0t[v5]/cpp/ftptransfer.cpp
  • ri0t[v5]/ri0t[v5]/cpp/httpd.cpp
  • ri0t[v5]/ri0t[v5]/cpp/icmpflood.cpp
  • ri0t[v5]/ri0t[v5]/cpp/ident.cpp
  • ri0t[v5]/ri0t[v5]/cpp/irc_send.cpp
  • ri0t[v5]/ri0t[v5]/cpp/keylogger.cpp
  • ri0t[v5]/ri0t[v5]/cpp/loaddlls.cpp
  • ri0t[v5]/ri0t[v5]/cpp/misc.cpp
    .vbs
  • ri0t[v5]/ri0t[v5]/cpp/msn.cpp
  • ri0t[v5]/ri0t[v5]/cpp/net.cpp
  • ri0t[v5]/ri0t[v5]/cpp/netutils.cpp
  • ri0t[v5]/ri0t[v5]/cpp/peer2peer.cpp
  • ri0t[v5]/ri0t[v5]/cpp/persist.cpp
  • ri0t[v5]/ri0t[v5]/cpp/pingudp.cpp
  • ri0t[v5]/ri0t[v5]/cpp/processes.cpp
  • ri0t[v5]/ri0t[v5]/cpp/protocol.cpp
  • ri0t[v5]/ri0t[v5]/cpp/psniff.cpp
  • ri0t[v5]/ri0t[v5]/cpp/pstore.cpp
  • ri0t[v5]/ri0t[v5]/cpp/remotecmd.cpp
  • ri0t[v5]/ri0t[v5]/cpp/ri0t.cpp
  • ri0t[v5]/ri0t[v5]/cpp/rndnick.cpp
  • ri0t[v5]/ri0t[v5]/cpp/rootkit.cpp
  • ri0t[v5]/ri0t[v5]/cpp/sandbust.cpp
  • ri0t[v5]/ri0t[v5]/cpp/session.cpp
  • ri0t[v5]/ri0t[v5]/cpp/shellcode.cpp
  • ri0t[v5]/ri0t[v5]/cpp/slimftp.cpp
  • ri0t[v5]/ri0t[v5]/cpp/startup.cpp
  • ri0t[v5]/ri0t[v5]/cpp/sysinfo.cpp
  • ri0t[v5]/ri0t[v5]/cpp/tftpd.cpp
  • ri0t[v5]/ri0t[v5]/cpp/threads.cpp
  • ri0t[v5]/ri0t[v5]/cpp/usb.cpp
  • ri0t[v5]/ri0t[v5]/cpp/visit.cpp
  • ri0t[v5]/ri0t[v5]/cpp/vnc.cpp
  • ri0t[v5]/ri0t[v5]/cpp/wildcard.cpp
  • ri0t[v5]/ri0t[v5]/docs/Instructions.txt
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/BIN2C.COM
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/bot2dll.dsp
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/bot2dll.dsw
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/build.cmd
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/dll.cpp
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/ext.h
  • ri0t[v5]/ri0t[v5]/docs/bot2dll/main.cpp
  • ri0t[v5]/ri0t[v5]/docs/commands.txt
  • ri0t[v5]/ri0t[v5]/docs/features.txt
  • ri0t[v5]/ri0t[v5]/h/IPHlpApi.h
  • ri0t[v5]/ri0t[v5]/h/LM.h
  • ri0t[v5]/ri0t[v5]/h/LMat.h
  • ri0t[v5]/ri0t[v5]/h/advscan.h
  • ri0t[v5]/ri0t[v5]/h/aliaslog.h
  • ri0t[v5]/ri0t[v5]/h/autostart.h
  • ri0t[v5]/ri0t[v5]/h/avirus.h
  • ri0t[v5]/ri0t[v5]/h/capture.h
  • ri0t[v5]/ri0t[v5]/h/cdkeys.h
  • ri0t[v5]/ri0t[v5]/h/commands.h
  • ri0t[v5]/ri0t[v5]/h/connect.h
  • ri0t[v5]/ri0t[v5]/h/crc32.h
  • ri0t[v5]/ri0t[v5]/h/crypt.h
  • ri0t[v5]/ri0t[v5]/h/d3des.c
  • ri0t[v5]/ri0t[v5]/h/dcom2.h
  • ri0t[v5]/ri0t[v5]/h/ddos.h
  • ri0t[v5]/ri0t[v5]/h/defines.h
  • ri0t[v5]/ri0t[v5]/h/download.h
  • ri0t[v5]/ri0t[v5]/h/driveinfo.h
  • ri0t[v5]/ri0t[v5]/h/ehandler.h
  • ri0t[v5]/ri0t[v5]/h/externs.h
  • ri0t[v5]/ri0t[v5]/h/findfile.h
  • ri0t[v5]/ri0t[v5]/h/firefox.h
  • ri0t[v5]/ri0t[v5]/h/fphost.h
  • ri0t[v5]/ri0t[v5]/h/ftptransfer.h
  • ri0t[v5]/ri0t[v5]/h/functions.h
  • ri0t[v5]/ri0t[v5]/h/global.h
  • ri0t[v5]/ri0t[v5]/h/globals.h
  • ri0t[v5]/ri0t[v5]/h/httpd.h
  • ri0t[v5]/ri0t[v5]/h/icmpflood.h
  • ri0t[v5]/ri0t[v5]/h/ident.h
  • ri0t[v5]/ri0t[v5]/h/includes.h
  • ri0t[v5]/ri0t[v5]/h/irc_send.h
  • ri0t[v5]/ri0t[v5]/h/keylogger.h
  • ri0t[v5]/ri0t[v5]/h/loaddlls.h
  • ri0t[v5]/ri0t[v5]/h/misc.h
  • ri0t[v5]/ri0t[v5]/h/msn.h
  • ri0t[v5]/ri0t[v5]/h/net.h
  • ri0t[v5]/ri0t[v5]/h/netutils.h
  • ri0t[v5]/ri0t[v5]/h/nicklist.h
  • ri0t[v5]/ri0t[v5]/h/passwd.h
  • ri0t[v5]/ri0t[v5]/h/peer2peer.h
  • ri0t[v5]/ri0t[v5]/h/processes.h
  • ri0t[v5]/ri0t[v5]/h/protocol.h
  • ri0t[v5]/ri0t[v5]/h/psniff.h
  • ri0t[v5]/ri0t[v5]/h/remotecmd.h
  • ri0t[v5]/ri0t[v5]/h/ri0t.h
  • ri0t[v5]/ri0t[v5]/h/rndnick.h
  • ri0t[v5]/ri0t[v5]/h/rootkit.h
  • ri0t[v5]/ri0t[v5]/h/sandbust.h
  • ri0t[v5]/ri0t[v5]/h/secure.h
  • ri0t[v5]/ri0t[v5]/h/session.h
  • ri0t[v5]/ri0t[v5]/h/shellcode.h
  • ri0t[v5]/ri0t[v5]/h/slimftp.h
  • ri0t[v5]/ri0t[v5]/h/startup.h
  • ri0t[v5]/ri0t[v5]/h/sysinfo.h
  • ri0t[v5]/ri0t[v5]/h/tcpip.h
  • ri0t[v5]/ri0t[v5]/h/tftpd.h
  • ri0t[v5]/ri0t[v5]/h/threads.h
  • ri0t[v5]/ri0t[v5]/h/usb.h
  • ri0t[v5]/ri0t[v5]/h/utility.h
  • ri0t[v5]/ri0t[v5]/h/visit.h
  • ri0t[v5]/ri0t[v5]/h/vnc.h
  • ri0t[v5]/ri0t[v5]/h/wildcard.h
  • ri0t[v5]/ri0t[v5]/h/windns.h
  • ri0t[v5]/ri0t[v5]/jpg.ico
  • ri0t[v5]/ri0t[v5]/msn/MSNMessengerAPI.tlb
  • ri0t[v5]/ri0t[v5]/msn/MSNMessengerAPI.tlh
  • ri0t[v5]/ri0t[v5]/msn/MSNMessengerAPI.tli
  • ri0t[v5]/ri0t[v5]/msn/msnsend.cpp
  • ri0t[v5]/ri0t[v5]/msn/msnsend.h
  • ri0t[v5]/ri0t[v5]/msn/zip.cpp
  • ri0t[v5]/ri0t[v5]/msn/zip.h
  • ri0t[v5]/ri0t[v5]/res.aps
  • ri0t[v5]/ri0t[v5]/res.rc
  • ri0t[v5]/ri0t[v5]/ri0t.dsp
  • ri0t[v5]/ri0t[v5]/ri0t.dsw
  • ri0t[v5]/ri0t[v5]/ri0t.ncb
  • ri0t[v5]/ri0t[v5]/ri0t.opt
  • ri0t[v5]/ri0t[v5]/ri0t.plg
    .html