Details
Malware Family DarkComet
Date Added Aug. 10, 2015, 5:59 p.m.
MD5 0e39011374439573c3c176ab8d880c58
Sha256 46a5ef2c509a58518429cb708f3a49865fa54a1e414dad84dca99582c29a2cbb
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPPORT
FWB 0
FTPROOT
KEYNAME explorer.exe
MUTEX DC_MUTEX-TJM9MAY
MELT 1
INSTALL 1
SID Guest16
FTPPASS
PERSINST 1
DIRATTRIB 0
FTPUSER
SH5 1
COMBOPATH 2
FTPHOST
FILEATTRIB 0
FTPUPLOADK
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA 127.0.0.1:1604|syntaxtg50.no-ip.org:1604|syntaxtg50.no-ip.org:1603
OFFLINEK 1
GENCODE cNsmrBp0x2WE
FTPSIZE
CHANGEDATE 0
EDTPATH Adobe.exe
Advertising
VirusTotal

48 out of 55 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
127.0.0.1 0
Geo Location
Yara Rules
Comments
comments powered by Disqus