Details
Malware Family DarkComet
Date Added Sept. 21, 2017, 6:25 a.m.
MD5 1a6a0e5e6de19abd688185cac1a212b0
Sha256 34f99b535af88865f0eba73a4eceee4cfc8609bb73374d9be75ae23839c2373c
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 16
MSGTITLE Under
FTPPORT
FWB 0
SH6 1
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-D40C6C5
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 0
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PWD
NETDATA watsapp.duckdns.org:1604
MSGCORE 57696E646F77732062697220686174612079FC7AFC6E64656E2062752070726F6772616DFD20E7616CFDFE74FD72616D6164FD
OFFLINEK 1
GENCODE aMWgKGmw8Dde
FTPSIZE
CHANGEDATE 1
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
watsapp.duckdns.org 0
Geo Location
Yara Rules
Comments
comments powered by Disqus