Details
Malware Family DarkComet
Date Added Feb. 10, 2018, 6:25 a.m.
MD5 0d5fdd358f16a58f9e9ff4135e0ef737
Sha256 25354109449a858becbbd292380545d58b39390117c1a4b8772844350592d2c6
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
CHIDED 1
FTPPORT
FWB 1
SH6 1
FTPROOT
SH10 1
KEYNAME JustUpdateRAT
MUTEX DC_MUTEX-ZA5LZ9L
MELT 1
INSTALL 1
SID TArget 1
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 5
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA karmaa2.ddnsking.com:1605|karmaa2.ddnsking.com:1605|karmaa2.ddnsking.com:1605|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602|karmaa2.ddns.net:1602
SH9 1
OFFLINEK 1
GENCODE RJhqHR3GJocP
FTPSIZE
CHANGEDATE 1
EDTPATH RATFUNFUN.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
karmaa2.ddns.net 62.208.38.74 GB
Geo Location
Yara Rules
Comments
comments powered by Disqus