Overview

overview

7

Static

static

3

Ratiborus ...on.cmd

windows7-x64

1

Ratiborus ...on.cmd

windows10-2004-x64

1

Ratiborus ...ew.cmd

windows7-x64

1

Ratiborus ...ew.cmd

windows10-2004-x64

1

Ratiborus ...le.chm

windows7-x64

1

Ratiborus ...le.chm

windows10-2004-x64

1

Ratiborus ...ck.exe

windows7-x64

7

Ratiborus ...ck.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2bc83add939a256039bfeb6460355e6922be94b127508a6b8646afbc5512f670.zip.zip

  • Size

    58.1MB

  • MD5

    5561ff861c8acaad37e54b0301f73805

  • SHA1

    4fb3827aa1feaa9fcf20716dbb770ace0a5c9aaf

  • SHA256

    0d3f2816d546dcfbd93dc2c22f8529d94965fce2d0464322d91fe7f586781e0a

  • SHA512

    83df7bda6e70ab95b63cb7cbce86bc65cdb42290d195f50164b2f8dbe696eb3061f5537bc63a8d312cea35e0647b036f9433ab2630d72bf257670bbb555479a6

  • SSDEEP

    1572864:Nx8+ll1GQZ/+Dd5qVo9GBKtrlLDcgA13vjOGw6bM:Na+4QZ/+jegUgajzwyM

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2bc83add939a256039bfeb6460355e6922be94b127508a6b8646afbc5512f670.zip.zip
    .zip

    Password: infected

  • 2bc83add939a256039bfeb6460355e6922be94b127508a6b8646afbc5512f670.zip
    .zip .ps1
  • Ratiborus KMS Tools 18.10.2021_TrucNet.com/Add_Defender_Exclusion.cmd
  • Ratiborus KMS Tools 18.10.2021_TrucNet.com/Add_Defender_Exclusion_New.cmd
    .cmd .ps1
  • Ratiborus KMS Tools 18.10.2021_TrucNet.com/KMS Tools Portable.chm
    .chm
  • Ratiborus KMS Tools 18.10.2021_TrucNet.com/KMS Tools Unpack.exe
    .exe windows:4 windows x86

    4a0eb751a0cc2fdf8841ea3c33b85101


    Headers

    Imports

    Sections