RtPOS is a new breed of point-of-sale malware with very limited functionality. It sits in memory and watches only for credit card number and social security number patterns. RtPOS does not have networking capabilities to exfiltrate the data it has sniffed. It appears that the malware is still evolving, or there might be another malware that can work in conjunction with RtPOS to transfer data out of the compromised host.
RtPOS Point-of-Sale Malware Signatures
MD5: 9443861a644029b7092a6b7bf98939fb
SHA1: a3c81c9e3d92c5007ac2ef75451fe007721189c6
SHA256: fb749c32b58fd1238f21d48ba1deb60e6fb4546f3a74e211f80a3ed005f9e046
SSDEEP: 3072:3cAmkDTgWpRT+fAv6Qeyt+TdY5ilY9OBkHTLNVBjBNvOv86NEAg0FujopmDFF369:3R3g8T+foBWlCOBkHtAOXZE0N4
RtPOS Point-of-Sale Malware Sample Download
The password of the archive is: infected