Details
Malware Family DarkComet
Date Added April 15, 2018, 6:25 a.m.
MD5 222d3bc7996197f02093c156eee501b0
Sha256 f6893f08429905e7173d1fe556d116ba7ad0ab0f43eb7d42df30546970b12a3c
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 0
MSGTITLE Welcome
FTPPORT 21
FWB 0
FTPROOT /
KEYNAME MicroUpdate
MUTEX DC_MUTEX-UYZ1QK9
MELT 0
INSTALL 1
SID Guest16
FTPPASS 0123456789
PERSINST 1
DIRATTRIB 0
FTPUSER username
COMBOPATH 7
FTPHOST ftp.yourhost.com
FILEATTRIB 0
FTPUPLOADK 1
FAKEMSG 1
EDTDATE 16/04/2007
PWD 0123456789
NETDATA 127.0.0.1:1604
MSGCORE 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A
OFFLINEK 1
GENCODE gx8fesliRVqU
FTPSIZE 10
CHANGEDATE 1
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
127.0.0.1 0
Geo Location
Yara Rules
Comments
comments powered by Disqus