Details
Malware Family DarkComet
Date Added Sept. 24, 2017, 6:25 a.m.
MD5 7257431744eb3247e7bf6f58a8eb2691
Sha256 8c20fdd8394aabeb07fd2fe0f7b2dba1af9f287bf09cf4efaddb6782d23234a2
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPPORT
FWB
FTPROOT
KEYNAME DarkComet RAT
MUTEX DCMIN_MUTEX-UB6B8A6
INSTALL 1
SID Guest16_min
FTPPASS
FTPUSER
COMBOPATH 7
FTPHOST
FTPUPLOADK
PWD
NETDATA 178.158.128.49:1604
OFFLINEK 1
GENCODE NTccuQovel3s
FTPSIZE
EDTPATH DCSCMIN\IMDCSC.exe
Advertising
VirusTotal

45 out of 56 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
178.158.128.49 UA
Geo Location
Yara Rules
Comments
comments powered by Disqus