Details
Malware Family DarkComet
Date Added Jan. 16, 2016, 3 a.m.
MD5 1b563018af185f745425bab4363f2982
Sha256 912fa6a0aa0fe7c92f250a707f38d8f230afdeb7d53019d220c8922d33228783
Robot Robots lovingly delivered by robohash.org
Config Sections
BIND 1
MSGICON 0
CHIDEF 1
MSGTITLE Error 404!
FTPPORT 21
FWB 1
SH6 1
MSGCORE 466F726D6174206E6F7420666F756E6421
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-CLPJB8W
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS 0123456789
PERSINST 0
DIRATTRIB 2
SH1 1
CHIDED 1
FTPUSER username
SH5 1
COMBOPATH 7
FTPHOST ftp.yourhost.com
SH8 1
FILEATTRIB 2
FTPUPLOADK 1
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD 237566
SH3 1
NETDATA rango.ddns.net:1604
SH9 1
PDNS dummheitpur.ddns.net:dummheitpur.ddns.net
OFFLINEK 1
GENCODE 5igh8REDm28c
FTPSIZE 10
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
rango.ddns.net 92.115.128.4 MD
Geo Location
Yara Rules
Comments
comments powered by Disqus