Details
Robot
FileName
Malware Family DarkComet
Date Added 2016-01-16 03:00:03
MD5 871e7b27afe8c377adf42caaf0252e35
Sha256 23a8f7adafbf648642d24bb0b7f29429ce6bd86ae4c4d304941ff82b4d406042
Robot Robots lovingly delivered by robohash.org
Advertising
C2 Data
FTPSIZE 1
MUTEX DC_MUTEX-X86HVRU
SH9 1
DIRATTRIB 6
FTPPORT 21
CHIDEF 1
SID Guest16
CHANGEDATE 1
MSGTITLE !
FTPROOT /htdocs/myfiles/
MULTIBIND 1
OFFLINEK 1
KEYNAME MicroUpdate
EDTPATH MSDCSC\msdcsc.exe
COMBOPATH 5
FILEATTRIB 6
FAKEMSG 1
NETDATA 94.180.53.143:1604
FTPUPLOADK 1
SH1 1
FWB 0
PWD kodiak4288//
SH3 1
INSTALL 1
SH10 1
SH6 1
MSGCORE C2FB20E2FBE9E3F0E0EBE8203130203030302024200D0A0D0AF7F2EE20E1FB20E8F520EFEEEBF3F7E8F2FC20EEF1F2E0E2FCF2E520F1E2EEE820E4E0EDEDFBE520EEF2205169776920E820ECFB20F1F0E0E7F320E6E520EFE5F0E5E2E5E4B8ED20F1F0E5E4F1F2E2E020EA20E2E0EC20EDE020F1F7B8F220E820EEEDF3EBE8F0F3E5EC20E2E0F820F1F2E0F0FBE920F1F7B8F221
PERSINST 1
OVDNS 1
SH8 1
MSGICON 64
CHIDED 1
PERS 1
PDNS britney199019.no-ip.org:localhost
MELT 1
GENCODE ggsaR10Mhoyy
BIND 1
SH7 1
FTPPASS M5x5Llbj26
FTPHOST ftp.hebergratuit.net
FTPUSER heber_17137967
SH4 1
SH5 1
EDTDATE 16/04/2012
Virustotal

0 out of 0 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
94.180.53.143 RU