Details
Malware Family DarkComet
Date Added Sept. 1, 2017, 6:25 a.m.
MD5 10a1dbde59ddeb9bc757974c5cffe372
Sha256 3155f2f56788cd70b74bf2b19f9fa814f08d1e43b41c57a774c6cdfceccb09ef
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPPORT
FWB 0
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-FGFJJ0W
MELT 1
INSTALL 1
SID Guest16
FTPPASS
PERSINST 1
DIRATTRIB 0
CHIDEF 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 38
FTPUPLOADK
SH7 1
EDTDATE 16/04/2017
PERS 1
PWD
NETDATA 85.104.8.203:4554
SH9 1
OFFLINEK 1
GENCODE zg9Lx4ZUPvnN
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

58 out of 65 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
85.104.8.203 TR
Geo Location
Yara Rules
Comments
comments powered by Disqus