Details
Malware Family DarkComet
Date Added March 28, 2017, 6:25 a.m.
MD5 0487fed0aa52334d15911e5384c0d410
Sha256 946b3de2c3b514a6c2efe10f2b71f28ee63a9b6730a24a7eba83aa0cf5c5341d
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
FTPPORT
FWB 0
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-LEH168B
MELT 0
INSTALL 1
SID Slave
FTPPASS
PERSINST 0
DIRATTRIB 0
SH1 1
CHIDED 1
FTPUSER
SH6 1
COMBOPATH 10
FTPHOST
FILEATTRIB 0
FTPUPLOADK
EDTDATE 11/11/2016
PERS 1
PWD A66fAz2asZs0okS2xza!!
MULTIBIND 1
NETDATA 80.61.35.94:1600
BIND 1
OFFLINEK 1
GENCODE Tslh1uPbWJh3
FTPSIZE
CHANGEDATE 1
EDTPATH Free\Store.exe
Advertising
VirusTotal

58 out of 61 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
80.61.35.94 NL
Geo Location
Yara Rules
Comments
comments powered by Disqus