Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2016-01-30 03:00:03 |
MD5 | 47477896751aad97b5c95992c7034c28 |
Sha256 | 055ae43afb4f20ea2cf65992af841f32aa889a6191710b6c181e1c728e1293dc |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 10 |
---|---|
MUTEX | DC_MUTEX-LWG17QG |
SH9 | 1 |
DIRATTRIB | 0 |
FTPPORT | 21 |
CHIDEF | 1 |
SID | Kennyrat |
CHANGEDATE | 0 |
MSGTITLE | Welcome |
FTPROOT | / |
MULTIBIND | 1 |
OFFLINEK | 1 |
KEYNAME | MicroUpdate |
EDTPATH | MSDCSC\msdcsc.exe |
COMBOPATH | 7 |
FILEATTRIB | 0 |
FAKEMSG | 1 |
NETDATA | 24.151.127.137:1604|kennyshost.no-ip.org:1604 |
FTPUPLOADK | 1 |
SH1 | 1 |
FWB | 0 |
PWD | 1234554321 |
SH3 | 1 |
INSTALL | 1 |
SH10 | 1 |
SH6 | 1 |
MSGCORE | 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A |
PERSINST | 1 |
OVDNS | 1 |
SH8 | 1 |
MSGICON | 16 |
CHIDED | 1 |
PERS | 1 |
PDNS | hou2764.ddns.net:localhost |
MELT | 0 |
GENCODE | yaUcoQrLJtoq |
BIND | 1 |
SH7 | 1 |
FTPPASS | wasdwasd |
FTPHOST | ftp.hascoding.com |
FTPUSER | hasco_16806297 |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
Virustotal
49 out of 55 AV Engines identified the sample as Malicious.