Details
Malware Family DarkComet
Date Added Jan. 30, 2016, 3 a.m.
MD5 6226e189f95b3938619121bf2e0dd915
Sha256 dbb1b3211c3cc579e2b1233ca28547ef83e502c92497c79db8a73fffae0031f4
Robot Robots lovingly delivered by robohash.org
Config Sections
FWB 0
SID Generet
FTPPASS 0123456789
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-DF8785U
FILEATTRIB 6
EDTDATE 16/04/2007
NETDATA lintifor.ddns.com:1604
GENCODE x0wSvMp9wLLE
EDTPATH MSDCSC\msdcsc.exe
MSGICON 16
FTPPORT 21
INSTALL 1
PERSINST 0
DIRATTRIB 6
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 4F6F7073210D0A756E666F7274756E6174656C7920796F7520646F206E6F7420686176652061636365737320746F207468697320736F667477617265210D0A0D0A706C6561736520656D61696C3A2064656E63696B3938406D61696C2E7275203A290D0A
FTPSIZE 10
FAKEMSG 1
MULTIBIND 1
CHANGEDATE 0
PDNS 192.168.2.136:localhost
MSGTITLE ERROR!!!
FTPUSER username
OVDNS 1
COMBOPATH 3
FTPHOST ftp.yourhost.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 1000000000
SH9 1
OFFLINEK 1
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
lintifor.ddns.com 0
Geo Location
Yara Rules
Comments
comments powered by Disqus