Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 3:07 p.m.
MD5 92a87d59ebfcc61d21a03145ffef5760
Sha256 bfa9dd6bfa4fa9ed6756a9e7cb79db1664f8e0f838b9c1696e869b3941ee400f
Config Sections
MSGICON 16
FTPPORT 21
FWB 0
EDTDATE 16/04/2007
INSTALL 1
SID Essai leny
FTPPASS bouwahi
PERSINST 0
DIRATTRIB 6
CHIDEF 1
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A
FTPSIZE 10
FAKEMSG 1
PERS 1
PDNS 127.0.0.1:localhost
CHANGEDATE 0
SH1 1
FTPROOT /logs
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-LN0NDEZ
MSGTITLE Welcome
FTPUSER terrorb
FILEATTRIB 6
COMBOPATH 10
FTPHOST ftp.drivehq.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD jojoguy
NETDATA slofeur.zapto.org:1500
SH9 1
OFFLINEK 1
GENCODE p4W9N2cT5nfm
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

48 out of 52 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
slofeur.zapto.org 0