Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2016-04-23 03:00:04 |
MD5 | 1a50e04fb948083d9ea1a3948ca086c9 |
Sha256 | 8e63f18bbcd276c32c1433892aff9a3b0277cd855a8d25cd71b1e431babbab19 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 10 |
---|---|
MUTEX | DC_MUTEX-0HNEHDC |
SH9 | 1 |
DIRATTRIB | 0 |
FTPPORT | 21 |
CHIDEF | 1 |
SID | Guest16 |
CHANGEDATE | 1 |
MSGTITLE | Error |
FTPROOT | / |
MULTIBIND | 1 |
OFFLINEK | 1 |
KEYNAME | MicroUpdate |
EDTPATH | system32\system32.exe |
COMBOPATH | 2 |
FILEATTRIB | 6 |
FAKEMSG | 1 |
NETDATA | skidded.no-ip.biz:1604 |
FTPUPLOADK | 1 |
SH1 | 1 |
FWB | 1 |
PWD | 123321 |
SH3 | 1 |
INSTALL | 1 |
SH10 | 1 |
SH6 | 1 |
MSGCORE | 57696E646F777320436F6D706162696C7479204572726F72 |
PERSINST | 1 |
OVDNS | 1 |
SH8 | 1 |
MSGICON | 16 |
CHIDED | 1 |
PERS | 1 |
PDNS | 127.0.0.1:youtube.com |
MELT | 1 |
GENCODE | fZMADQTfSdwg |
BIND | 1 |
SH7 | 1 |
FTPPASS | hacker911911 |
FTPHOST | ftp.drivehq.com |
FTPUSER | hadesisback |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
Virustotal
44 out of 57 AV Engines identified the sample as Malicious.