Details
Malware Family DarkComet
Date Added Aug. 22, 2017, 10:07 a.m.
MD5 51cbc642b77f52f991a58e9233ba5047
Sha256 3547ad0345196d632c88acead110143943f64a64cc180d618e02ec7720bb4b61
Config Sections
MSGICON 48
SH10 1
CHIDEF 1
CHIDED 1
MSGTITLE Microsoft .NET Framework
FTPPORT
FWB 0
SH6 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-X9ADBZQ
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 0
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA owelemre2.sytes.net:101
MSGCORE 54686973206170706C69636174696F6E207265717569726573206F6E65206F662074686520666F6C6C6F77696E672076657273696F6E73206F6620746865204D6963726F736F6674202E4E4554204672616D65776F726B20342E30
OFFLINEK 1
GENCODE WoYAnHi899vF
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

62 out of 65 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
owelemre2.sytes.net 88.230.1.22 TR