Details
Malware Family DarkComet
Date Added Feb. 9, 2018, 6:25 a.m.
MD5 7dd36023a9b6e14aed11d0c36fe72362
Sha256 d039f603e113aeb0852cb910d7ce758735ffcc64ddf7e44eede99d23d900f61c
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
CHIDED 1
FTPPORT
FWB 1
SH6 1
FTPROOT
SH10 1
KEYNAME JustUpdateRAT
MUTEX DC_MUTEX-8W4YDME
MELT 1
INSTALL 1
SID TArget 1
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 5
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA karmaa2.ddnsking.com:1605|karmaa2.ddnsking.com:1605|karmaa2.ddnsking.com:1605|karmaa2.ddnsking.com:1602|karmaa2.ddnsking.com:1602|karmaa2.ddnsking.com:1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602|karmaa2.ddns.net :1602
SH9 1
OFFLINEK 1
GENCODE WXbGQQFNNb0z
FTPSIZE
CHANGEDATE 1
EDTPATH RATFUNFUN.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddnsking.com 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
karmaa2.ddns.net 0
Geo Location
Yara Rules
Comments
comments powered by Disqus