Details
Malware Family DarkComet
Date Added Aug. 4, 2017, 6:25 a.m.
MD5 0cf475cb0e883f6122a41c3488977e72
Sha256 4fcdbaf3aeb2aef838847cb6a4f14dbf77c10353930867c8a05d99461ef0f1f3
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 48
MSGTITLE Windows
FTPPORT
FWB 0
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-ZJU2K3P
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 6
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA rmznsinstr.duckdns.org:81
MSGCORE 446F7379612042756C756E616D6164FD2021
OFFLINEK 1
GENCODE H72NJ26XwjTo
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

60 out of 64 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
rmznsinstr.duckdns.org 176.218.168.188 TR
Geo Location
Yara Rules
Comments
comments powered by Disqus