Details
Malware Family DarkComet
Date Added July 29, 2018, 6:25 a.m.
MD5 83fff1d70fb2c0ff605949ac8e1d9018
Sha256 7836d631b6f922714c3bdb2b0dd0e77fe31c85486b1275bddcf24af165b27bf8
Config Sections
BIND 1
MSGICON 0
SH10 1
CHIDEF 1
CHIDED 1
MSGTITLE AKTF
FTPPORT
FWB 1
FTPROOT
SH9 1
KEYNAME tasking
MUTEX DC_MUTEX-L5UK92S
MELT 1
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
MULTIBIND 1
NETDATA kctgame.hopto.org:1604
MSGCORE 4F59554E412047DD52DDDE205941504152414B2048DD4C4559DD204B554C4C414E4142DD4CDD5253DD4EDD5A
OFFLINEK 1
GENCODE CJMyenZ1SzwT
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\tasking.exe
VirusTotal

61 out of 68 AV's Identified the sample as Malicious

Domain Data
Domain IP Country Code
kctgame.hopto.org 207.189.20.23 0