Overview

overview

3

Static

static

3

Ratiborus ...on.cmd

windows7-x64

1

Ratiborus ...on.cmd

windows10-2004-x64

1

Ratiborus ...ck.exe

windows7-x64

3

Ratiborus ...ck.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    ea5588305a6d5c5e025cb89d4224b2285cbdd768c19acf0cf49b8f4a9594cbb7.zip.zip

  • Size

    50.0MB

  • MD5

    868a429e3cb93aeb126838121e7573e1

  • SHA1

    bcbd4a1afe541692c366c8d06e69a12966be3cc4

  • SHA256

    267bb09f56206a1d263e65ad2465a9a0b536c8d76276c05952294deb820892df

  • SHA512

    8886fee226a487be527375f8d01a3e97562f923367e51981870503c21df0ec0ed32579b0bf184647410e3f1f8842995d5d4ab21de1fcd4df7ff89f05ba8869a4

  • SSDEEP

    786432:wjh3KyrMroT/jFdptelajl5iTO/cmKma+D6mlhG5KpD0xcEmC+HLflxaG:sJMUDfYQ8K8GplpD0yxHxxaG

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ea5588305a6d5c5e025cb89d4224b2285cbdd768c19acf0cf49b8f4a9594cbb7.zip.zip
    .zip

    Password: infected

  • ea5588305a6d5c5e025cb89d4224b2285cbdd768c19acf0cf49b8f4a9594cbb7.zip
    .zip
  • Ratiborus KMS 01.08.2020 Portable Multi-FR (Win x86 x64)/Add_Defender_Exclusion.cmd
  • Ratiborus KMS 01.08.2020 Portable Multi-FR (Win x86 x64)/KMS Tools Unpack.exe
    .exe windows:4 windows x86

    2b60d00c91710ec5162196c370dc8f7d


    Headers

    Imports

    Sections