Details
Malware Family DarkComet
Date Added Jan. 16, 2016, 3 a.m.
MD5 2b18ebd8fde802bb13b180fd37c47362
Sha256 773e4df9db937859e696bbf2b77dc575aca501ca99a9e5a0d51cfc8850ad4055
Config Sections
BIND 1
MSGICON 0
CHIDEF 1
MSGTITLE Lancement impossible
FTPPORT 21
FWB 0
SH6 1
MSGCORE 455252455552
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-EZPNR5Z
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS 0123456789
PERSINST 0
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER username
SH5 1
COMBOPATH 10
FTPHOST ftp.yourhost.com
SH8 1
FILEATTRIB 6
FTPUPLOADK 1
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD 237566
SH3 1
NETDATA smb2112.ddns.net:1604
SH9 1
PDNS dummheitpur.ddns.net:dummheitpur.ddns.net
OFFLINEK 1
GENCODE udAJJWZ3xkEF
FTPSIZE 10
CHANGEDATE 0
EDTPATH MSDCSC\csrss.exe
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain | IP | Country Code
smb2112.ddns.net | 88.206.55.155 | RU