Details
Robot
FileName
Malware Family DarkComet
Date Added 2015-11-07 20:06:54
MD5 8993dd05d28bd402e441078066562be0
Sha256 c5a08d90098fd920ae8f6a662bddac0894cbfca98f9e97ea2f9bf9cea680de81
Robot Robots lovingly delivered by robohash.org
Advertising
Config Data
FTPSIZE 10
SID RAT test
SH6 1
SH9 1
DIRATTRIB 7
FTPPORT 21
CHIDEF 1
GENCODE vvSBqDmyyKKR
SH10 1
SH8 1
MSGICON 64
CHANGEDATE 0
CHIDED 1
FTPROOT /darkcomet
MSGTITLE Microsoft Windows Update
PERS 1
OFFLINEK 1
MSGCORE 596F757220636F6D707574657220686173206265656E20757064617465642E
FTPUPLOADK
KEYNAME updater
PERSINST 1
EDTPATH udupdt\update.exe
MELT 1
COMBOPATH 2
FILEATTRIB 7
FAKEMSG 1
NETDATA toolzcoolz.no-ip.biz:64598
MUTEX DC_MUTEX-3X5ENZY
SH1 1
FWB 0
SH7 1
FTPPASS lkjuh787yhg40***
FTPHOST shops.walnmar.com
PWD Ppghytu&*&^^[]09\\\]][]
FTPUSER admin@walnmar.com
SH4 1
SH5 1
EDTDATE 16/04/2007
SH3 1
INSTALL 1
Virustotal

48 out of 52 AV Engines identified the sample as Malicious.

Virustotal Report