Details
Malware Family DarkComet
Date Added Nov. 24, 2018, 6:25 a.m.
MD5 09e559e4598efc42555df160b07b9271
Sha256 d7f8c91d3b0fb4bba493590bd090963a26edaaa83357ed99658a4e809b1814e5
Robot Robots lovingly delivered by robohash.org
Config Sections
BIND 1
MSGICON 0
CHIDEF 1
MSGTITLE Welcome
FTPPORT
FWB 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-BB0N44U
MELT 0
INSTALL 1
SID DarkComet_Kuban_Kasma
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
SH5 1
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA zedofrus.duckdns.org:1604
MSGCORE 57656C636F6D6520746F204461726B436F6D6574205241542E
OFFLINEK 1
GENCODE WJXnSfEB8m2g
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
zedofrus.duckdns.org 85.107.225.32 TR
Geo Location
Yara Rules
Comments
comments powered by Disqus