Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 5:23 p.m.
MD5 522c6240848584bf3547dbec02fa4e53
Sha256 d8da17cb2021d1961eba7f95a61d672c253f887434930a729783ac5053d0a035
Config Sections
MSGICON 64
FTPPORT 21
FWB 0
MELT 1
INSTALL 1
SID Guest16
FTPPASS fuckm3!fy0uc@n
PERSINST 1
DIRATTRIB 0
CHIDEF 1
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
SH9 1
FTPSIZE 200
FAKEMSG 1
PERS 1
MULTIBIND 1
SH3 1
CHANGEDATE 1
SH1 1
FTPROOT /home/indianha/public_html/dabas
SH10 1
KEYNAME game
MUTEX DC_MUTEX-F54S21D
MSGTITLE Sripts for Minecraft
FTPUSER dabas@indianhacker.in
FILEATTRIB 0
OVDNS 1
COMBOPATH 0
FTPHOST ftp.indianhacker.in
BIND 1
FTPUPLOADK
EDTDATE 16/04/2007
PWD bananas
NETDATA moodi.no-ip.info:1604
MSGCORE 496E7374616C6C2073726970747320666F72204D696E6563726166742073756363657366756C6C
PDNS www.norton.com:localhost
OFFLINEK 1
GENCODE yX%jv4qk3D-v
EDTPATH C:\.exe
VirusTotal

47 out of 50 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
moodi.no-ip.info 0
Geo Location
Yara Rules