Details
Malware Family DarkComet
Date Added April 14, 2017, 6:25 a.m.
MD5 3a043c535d1d98c4b79a545b489e138a
Sha256 10e542516344c1761545ba54f6e056a9041b21a1bf7eddef025edfac60658ccf
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 48
MSGTITLE ?? ???????????????????????????? ?? Hello ??????????????????????????????????????????????
FTPPORT
FWB 0
FTPROOT
MUTEX DC_MUTEX-TU9QU6W
SID Guest16
FTPPASS
FTPUSER
FTPHOST
MSGCORE 596F75204A75737420476F74204861636B65642120446F6E742054727920546F205475726E204F6666205043206F7220692077696C6C2064697361626C6520796F757220636F6D70757465722E202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202D53706F6F6B79486178203F3F
FTPUPLOADK
FAKEMSG 1
PWD
NETDATA 127.0.0.1:1604
OFFLINEK 1
GENCODE WelJ1KoUpNkn
FTPSIZE
Advertising
VirusTotal

56 out of 61 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
127.0.0.1 0
Geo Location
Yara Rules
Comments
comments powered by Disqus