Details
Malware Family DarkComet
Date Added April 22, 2016, 6:28 a.m.
MD5 7267a9f7f30ba14538fe149d4de71b72
Sha256 1a46ba430bc6573caf05adaa76cf014d172640aa5c5453379bc2bd5e2f0a7664
Robot Robots lovingly delivered by robohash.org
Config Sections
FWB 1
SID GG
FTPPASS alexander11
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-HLNCWMH
FILEATTRIB 0
EDTDATE 16/04/2007
NETDATA leagueof.zapto.org:81
GENCODE WtP8Sd50LH9Z
EDTPATH MSDCSC\msdcsc.exe
MSGICON 48
FTPPORT 21
INSTALL 1
PERSINST 0
DIRATTRIB 0
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 4275205063204861636B6C656E6D69FE746972204861636B6564206279207E20415447207E
FTPSIZE 50
FAKEMSG 1
CHANGEDATE 0
PDNS zzcc1212.codns.com:localhost|124.111.208.9:localhost
MSGTITLE Hacked
FTPUSER anonmorik_Morik123
OVDNS 1
COMBOPATH 7
FTPHOST anonmorik.bplaced.net
BIND 1
FTPUPLOADK 1
MELT 0
PWD 000
SH9 1
OFFLINEK 1
Advertising
VirusTotal

50 out of 56 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
leagueof.zapto.org 0
Geo Location
Yara Rules
Comments
comments powered by Disqus