Details
FileName
Malware Family DarkComet
Date Added 2015-08-10 19:43:05
MD5 5bc6ee1a5d40222ad1e602b52dac753d
Sha256 cf7df71596c943c7910fa0787b0980c94b878b0cc367aeca17c841cd42420596
C2 Data
FTPSIZE
SID SLAVES
MUTEX DC_MUTEX-9CP1F52
DIRATTRIB 0
PERSINST 1
GENCODE BsgCbl2FXpKD
OFFLINEK 1
MELT 0
CHANGEDATE 0
MSGTITLE HMP.Desktop.exe - NET Framework Intialization Error
FTPROOT
FILEATTRIB 0
MSGCORE 556E61626C6520746F2066696E6420612076657273696F6E206F66207468652072756E74696D6520746F2072756E2074686973206170706C69636174696F6E
KEYNAME explorer..exe
FTPPORT
EDTPATH MSDCSC\msdcsc.exe
MSGICON 16
COMBOPATH 1
FAKEMSG 1
NETDATA slaves.mooo.com:100
FTPUPLOADK
FWB 0
FTPPASS
FTPHOST
PWD blackhat
FTPUSER
EDTDATE 16/04/2007
INSTALL 1
Virustotal

47 out of 56 AV Engines identified the sample as Malicious.

C2 Information
Domain | FQDN | IP | Country Code
mooo.com | slaves.mooo.com | 46.103.106.93 | GR