Details
Malware Family DarkComet
Date Added Dec. 16, 2017, 6:25 a.m.
MD5 261637becf6e187825bd237b7e94e949
Sha256 2f5e4504cd258646c4c0c262e92adfdb5ac28309f5874a43912ca791efc4b9f3
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
CHIDED 1
FTPPORT
FWB 0
SH6 1
FTPROOT
KEYNAME Windows Explorer
MUTEX DC_MUTEX-G81TFGT
MELT 0
INSTALL 1
SID eternal
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
EDTDATE 16/04/2007
PERS 1
PWD FuckThisShit
NETDATA 62.102.148.130:17825|62.102.148.187:54481
OFFLINEK 1
GENCODE 82aZznH8fcUG
FTPSIZE
CHANGEDATE 1
EDTPATH Explorer\explorer.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
62.102.148.130 SE
62.102.148.187 SE
Geo Location
Yara Rules
Comments
comments powered by Disqus