Details
Malware Family DarkComet
Date Added Aug. 15, 2015, 5:02 p.m.
MD5 779de5a41a584f300215a50675f631ac
Sha256 5f0cf1a745fe26b34af488f8f9d22333e0ea7ab681e787379af92ab99005cabb
Config Sections
MSGICON 0
SH10 1
CHIDEF 1
CHIDED 1
MSGTITLE Welcome
FTPPORT
FWB 1
SH6 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-H2S80RV
MELT 1
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 4
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 4
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA 192.168.178.23:1604
MSGCORE 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A
OFFLINEK 1
GENCODE BNFtD94c12tw
FTPSIZE
CHANGEDATE 1
EDTPATH
VirusTotal

45 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
192.168.178.23 0
Geo Location
Yara Rules