Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 6:54 p.m.
MD5 87e67fd809dca4f09fbbe56b4319c8c1
Sha256 107eee9cb0796e91878dc05dee50f3a83612eb35e3611c1a515546812919cde7
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 16
FTPPORT 21
FWB 0
MELT 0
INSTALL 1
SID test
FTPPASS 0123456789
PERSINST 0
DIRATTRIB 6
PDNS 127.0.0.1:localhost
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE Hello world!
FTPSIZE 10
FAKEMSG 1
PERS 1
MULTIBIND 1
SH3 1
CHANGEDATE 0
SH1 1
CHIDEF 1
FTPROOT h ttp://www.alm3refh.com/rok
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-H13NYE3
MSGTITLE DarkComet
FTPUSER 123456
FILEATTRIB 6
OVDNS 1
COMBOPATH 10
FTPHOST ftp.yourhost.com
BIND 1
FTPUPLOADK 1
EDTDATE 16/04/2007
PWD Soldier
NETDATA icecube2012.no-ip.biz:200
SH9 1
OFFLINEK 1
GENCODE JFyQ3QiSrwWV
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
icecube2012.no-ip.biz 0
Geo Location
Yara Rules
Comments
comments powered by Disqus