Details
Malware Family DarkComet
Date Added April 22, 2016, 6:28 a.m.
MD5 6d001ab9a7a116f2d12e5053c1e8cfa9
Sha256 0fe1ed550ee4b506fbb9e1923c0dded9d27608486fca47ae92cca0b92635c360
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 16
CHIDEF 1
MSGTITLE autoclick.exe - Application Error
FTPPORT
FWB 1
SH6 1
MSGCORE 546865206170706C69636174696F6E206661696C656420746F20696E697469616C6965642070726F7065726C79202830786330303030313335292E20436C69636B206F6E204F4B20746F207465726D696E61746520746865206170706C69636174696F6E0D0A
FTPROOT
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-Z77G12S
MELT 0
INSTALL 1
SID kikikiki
SH4 1
FTPPASS
PERSINST 1
SH5 1
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
OVDNS 1
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
PDNS 127.0.0.1:localhost|sorry.no-ip.biz:1604
NETDATA kajukk.no-ip.info:96
SH9 1
OFFLINEK 1
GENCODE pG681E30Kah2
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

52 out of 55 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
kajukk.no-ip.info 0
Geo Location
Yara Rules
Comments
comments powered by Disqus