Details
Malware Family DarkComet
Date Added Jan. 16, 2018, 6:25 a.m.
MD5 87dc35cc611b49410ecea73e0a800876
Sha256 184dd9f08fca18ff76bda55b7184bcacc9b66f74623676cfd63beb864aa1a23d
Robot Robots lovingly delivered by robohash.org
Config Sections
CHIDEF 1
FTPPORT
FWB 0
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-YY8K41L
MELT 1
INSTALL 1
SID Guest16
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA anh.zapto.org:3389
SH9 1
OFFLINEK 1
GENCODE 8PpYJoy9iCBu
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\svchost.exe
Advertising
VirusTotal

60 out of 67 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
anh.zapto.org 0
Geo Location
Yara Rules
Comments
comments powered by Disqus