Details
Malware Family DarkComet
Date Added May 6, 2018, 6:25 a.m.
MD5 41c60a7201487465e7e06921b20c3ec8
Sha256 b200cfa59d0acbbb9a9f4fd4c81702ec0b2ba7ebf4882d9eeef6e6094bb5e0aa
Config Sections
MSGICON 0
SH10 1
CHIDEF 1
CHIDED 1
MSGTITLE ForceOP
FTPPORT
FWB 0
SH6 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-5X897F6
MELT 1
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 5
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2017
PERS 1
PWD
NETDATA 5.68.159.105:1337
MSGCORE 4E65772076657273696F6E20666F756E6421202D205570646174696E67
OFFLINEK 1
GENCODE 6oFaiF9CvZgB
FTPSIZE
CHANGEDATE 1
EDTPATH WindowsDefender32\UPDATER32.exe
VirusTotal

48 out of 57 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
5.68.159.105 GB