Details
Malware Family DarkComet
Date Added Aug. 15, 2015, 5:19 p.m.
MD5 8850fabe0e8fe6398918c2731a683906
Sha256 7f1b76dc62b9e6be1f9db0ad1c7a8c212fb7b7567f0cdd689003f9c762c6867d
Config Sections
FTPPORT
FWB 0
FTPROOT
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-JE88429
MELT 0
INSTALL 1
SID aha
FTPPASS
PERSINST 1
DIRATTRIB 6
CHIDEF 1
CHIDED 1
FTPUSER
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PWD
NETDATA ibo.noip.me:1604|12345.zapto.org:1604
SH9 1
OFFLINEK 1
GENCODE RFgs6ZLERjNW
FTPSIZE
CHANGEDATE 1
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

48 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
ibo.noip.me 95.70.226.240 TR
Geo Location
Yara Rules