Details
Malware Family DarkComet
Date Added Feb. 7, 2016, 10:12 p.m.
MD5 799b695eb915d59c7dfc611d62dad450
Sha256 b2411611694c17ad5ba5823c892af3f0412115a7df5aa36f5b5ef515e9053263
Config Sections
MSGICON 0
CHIDED 1
FTPPORT 21
FWB 0
EDTDATE 16/04/2007
INSTALL 1
SID Guest16
FTPPASS zekasa94
PERSINST 0
DIRATTRIB 0
CHIDEF 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A
FTPSIZE 10
FAKEMSG 1
PERS 1
CHANGEDATE 0
SH1 1
FTPROOT /LOGS
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-ZRR87JM
MSGTITLE Welcome
FTPUSER GTR94
FILEATTRIB 0
COMBOPATH 7
FTPHOST ftp.drivehq.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 0123456789
NETDATA darkomentar.sytes.net:1604
SH9 1
OFFLINEK 1
GENCODE gXbpsuyz1Xya
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

53 out of 57 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
darkomentar.sytes.net 0
Geo Location
Yara Rules