Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2015-08-16 15:07:51 |
MD5 | 8b7bb19a89a44a75e46d3d87df4c7f93 |
Sha256 | 304e59a1df742ce2bd883543ce17ba878a2a482924b3e4fa18bc6b817d38b420 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | |
---|---|
SID | Guest16 |
MUTEX | DC_MUTEX-2DTQ0PY |
SH9 | 1 |
DIRATTRIB | 0 |
PERSINST | 0 |
CHIDEF | 1 |
GENCODE | u2m4ujMF77MG |
OFFLINEK | 1 |
SH8 | 1 |
MELT | 0 |
SH6 | 1 |
CHIDED | 1 |
FTPROOT | |
MSGTITLE | wrong |
FILEATTRIB | 0 |
MSGCORE | 0D0A546869732069732077696E33322066696C65 |
KEYNAME | MicroUpdate |
FTPPORT | |
EDTPATH | C:\Windows\System32\Boot |
MSGICON | 16 |
COMBOPATH | 2 |
PERS | 1 |
FAKEMSG | 1 |
NETDATA | xat35.duckdns.org:1604 |
FTPUPLOADK | |
SH1 | 1 |
FWB | 1 |
SH7 | 1 |
FTPPASS | |
FTPHOST | |
PWD | |
FTPUSER | |
SH5 | 1 |
EDTDATE | 16/04/2007 |
CHANGEDATE | 0 |
INSTALL | 1 |
Virustotal
49 out of 56 AV Engines identified the sample as Malicious.