Details
Malware Family DarkComet
Date Added Jan. 17, 2016, 6:42 a.m.
MD5 77c7bd6c9eaf533a3f68e06122d39e01
Sha256 ff82fb039a744431e86cdfdd84ca0e3761c0d4e8c92ece5d17c360f883438f44
Config Sections
BIND 1
MSGICON 16
SH1 1
MSGTITLE Microsoft Visual C++ Runtime Library Runtime Error
FTPPORT 21
FWB 1
MSGCORE 46696C65204E6F7420466F756E64204D6963726F736F66742056697375616C20432B2B2032303133
FTPROOT /
SH10 1
KEYNAME MicrosoftUpdate
MUTEX DCMIN_MUTEX-N6JEHPZ
MELT 0
INSTALL 1
SID
SH4 1
FTPPASS 0631060949a
PERSINST 1
SH5 1
DIRATTRIB 6
CHIDEF 1
CHIDED 1
FTPUSER nadcauca
SH6 1
COMBOPATH 10
FTPHOST nad.caucasus.net
SH8 1
FILEATTRIB 6
FTPUPLOADK 1
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD 1100801319215a
SH3 1
NETDATA shegs2sex.no-ip.biz:1604
SH9 1
PDNS 192.168.1.100:faierred.ddns.net
OFFLINEK 1
GENCODE tiltDcSK1EVz
FTPSIZE 10
CHANGEDATE 0
EDTPATH Windows\MicrosoftUpdate.exe
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain IP Country Code
shegs2sex.no-ip.biz 204.95.99.109 US
Yara Rules