Details
Malware Family DarkComet
Date Added Jan. 16, 2016, 3 a.m.
MD5 91b85b245912858ec656e146f2c028c4
Sha256 13cd6ce54eedbc6063b3458fa3197839708d2435948b662f5f0029723955e72b
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 0
CHIDEF 1
MSGTITLE Welcome
FTPPORT
FWB 0
SH6 1
MSGCORE 496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562206973206E6F74207375636365737366756C6C792072756E7321
FTPROOT
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-YPL5827
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 0
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 2
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD 123
SH3 1
NETDATA ediko.ddns.net:1604
SH9 1
OFFLINEK 1
GENCODE 1YR3rxFPfgcS
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
ediko.ddns.net 109.127.22.29 AZ
Geo Location
Yara Rules
Comments
comments powered by Disqus