Details
Malware Family DarkComet
Date Added Aug. 21, 2017, 6:25 a.m.
MD5 3c247b8df29960863f884980faa04ee5
Sha256 b392e820eeed43320039f8a36dca7aa76d11b890adf837745c58d5db97b4e324
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 64
MSGTITLE Windows
FTPPORT
FWB 0
FTPROOT
SH9 1
KEYNAME DarkComet RAT
MUTEX DC_MUTEX-MVRKE26
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 6
SH1 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA memelek.duckdns.org:1604
MSGCORE DDFE6C656D696E697A204261FE6172FD796C612054616D616D6C616E64FD
OFFLINEK 1
GENCODE XfMiof5bMfYg
FTPSIZE
CHANGEDATE 0
EDTPATH DCSCMIN\IMDCSC.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
memelek.duckdns.org 0
Geo Location
Yara Rules
Comments
comments powered by Disqus