Details
Malware Family DarkComet
Date Added Nov. 1, 2017, 6:25 a.m.
MD5 8af3b34cbb639ae5452312079b117ba1
Sha256 8a0bdf266085f1c463831d4910d00e57c143821765f44b37d909a2cb80c1871f
Config Sections
MSGICON 16
SH10 1
CHIDED 1
MSGTITLE NET FRAMWRK
FTPPORT
FWB 1
SH6 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-SHL7M6B
MELT 0
INSTALL 1
SID ASTEK
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
CHIDEF 1
SH3 1
FTPUSER
SH5 1
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA topbasbatu000.ddns.net:1604
MSGCORE 4552524F5221
OFFLINEK 1
GENCODE rbAAQlM8dtqa
FTPSIZE
CHANGEDATE 1
EDTPATH SYSTEM\system32.exe
VirusTotal

64 out of 68 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
topbasbatu000.ddns.net 88.224.170.210 TR