Details
Malware Family DarkComet
Date Added Jan. 24, 2018, 6:25 a.m.
MD5 4a58c26af407abb07345adaf289a5ac1
Sha256 10fa72b2f9761ceb3ec6be8aa830c4c4c290c8d52b3481aeb5bdf55b3ef34a90
Config Sections
FTPPORT
FWB 0
SH6 1
FTPROOT
SH10 1
KEYNAME Microsoft
MUTEX DC_MUTEX-BYG7KSW
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 0
BIND 1
FTPUSER
SH5 1
COMBOPATH 3
FTPHOST
SH8 1
FILEATTRIB 0
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PWD
NETDATA ykrop.hopto.org:27015
SH9 1
OFFLINEK 1
GENCODE TqRWd3T9miyb
FTPSIZE
CHANGEDATE 0
EDTPATH svcost\svcost.exe
VirusTotal

57 out of 63 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain            IP             Country Code
ykrop.hopto.org   5.143.60.204   RU
Geo Location
Yara Rules