Details
Malware Family DarkComet
Date Added Aug. 15, 2015, 4:59 p.m.
MD5 5d812b842bd304837bb30c4f6ef52f9a
Sha256 1d5826b714cd015763b4485da2a2bc6d26c71111ddd42483fad6f99a34b445af
Robot Robots lovingly delivered by robohash.org
Config Sections
BIND 1
FTPPORT
FWB 1
FTPROOT
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-G1J2XHL
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 0
DIRATTRIB 6
SH3 1
FTPUSER
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PWD
NETDATA 192.95.42.120:1604
SH9 1
OFFLINEK 1
GENCODE QXJ0b0ADJtZd
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

49 out of 56 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
192.95.42.120 CA
Geo Location
Yara Rules
Comments
comments powered by Disqus