Ratankba

Description

(Trend Micro) During our analysis, we collected a copy of the RATANKBA malware’s Lazarus Remote Controller tool. The remote controller provides a user interface that allows attackers to send jobs to any compromised endpoint. The controller gives the attackers the ability to manipulate the victims’ host by queueing tasks on the main server. RATANKBA retrieves and executes the tasks, and retrieves the collected information.

Names

Name
Ratankba
Ratabanka
QUICKRIDE

Type

Backdoor
Info stealer

Information

https://blog.trendmicro.com/trendlabs-security-intelligence/lazarus-campaign-targeting-cryptocurrencies-reveals-remote-controller-tool-evolved-ratankba/

Mitre Attack

https://attack.mitre.org/software/S0241/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.ratankba

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:ratankba

Other Information

Uuid

86175fff-3f01-49ba-8057-ef28c8f619c9

Last Card Change

2022-12-29

Threat Intelligence Garden

Explorer

Ratankba

Ratankba

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks