Details
Malware Family DarkComet
Date Added April 12, 2018, 6:25 a.m.
MD5 5ad6c554bd80683b037bd5cccae435f6
Sha256 f9129f6c35dbb7d92e8ec3bde1eacdb4d256bcc12299b8275f2a6b6a4a23deef
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
FTPPORT
FWB 0
SH6 1
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-1VLUUNZ
MELT 0
INSTALL 1
SID forantal
FTPPASS
PERSINST 0
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA kukan1234.ddns.net:1604|antalcomet2.ddns.net:1604
SH9 1
OFFLINEK 1
GENCODE 06KfVhBC6mMU
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
kukan1234.ddns.net 109.254.75.19 UA
antalcomet2.ddns.net 109.254.75.19 UA
Geo Location
Yara Rules
Comments
comments powered by Disqus