A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #29987  by kiakam
 Thu Feb 16, 2017 4:19 am
Hey, I am looking for new banking malware: Ratankba
I would really appreciate it if you could give the sample.
https://www.symantec.com/security_respo ... 99&tabid=2
Here are the IOCs of this malware (it includes 3 samples: the original sample (Ratankba, Backdoor.Destover
and hacktool)):
