Details
Malware Family DarkComet
Date Added March 23, 2015, 8:29 p.m.
MD5 1276fa4488af4a2e320e036b726aebce
Sha256 a5ad2532e8b38f49b10b793b1086b081d17f18b191e91e7bd4ceadb5ca12fc34
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPKeyLogs
OfflineKeylogger 1
FTPHost
FTPSize
CampaignID Guest16_min
FTPPort
FTPRoot
FTPPassword
Version #KCMDDC51#
Mutex DCMIN_MUTEX-JJTMF5B
Domains ryanshells.no-ip.org:1337
Gencode gaytnJGayUav
Password
FTPUserName
FireWallBypass
Advertising
VirusTotal

50 out of 53 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
ryanshells.no-ip.org 000.000.000.000
Geo Location
Yara Rules
Comments
comments powered by Disqus