Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 2:48 p.m.
MD5 93de787cc5a32ee240e6d0adcd31599a
Sha256 dcf7154c853dc987eb7aed8311082e72de3987a01f2cf5e7218828a0c1fb3f42
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 0
FTPPORT 21
FWB 0
EDTDATE 16/04/2007
INSTALL 1
SID Guest16
FTPPASS bouwahi
PERSINST 0
DIRATTRIB 0
CHIDEF 1
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE Hello world!
FTPSIZE 10
FAKEMSG 1
PERS 1
PDNS jackszeug.no-ip.org:jackszeug.no-ip.org
CHANGEDATE 0
SH1 1
FTPROOT /logs
SH10 1
KEYNAME winupdater
MUTEX DC_MUTEX-F54S21D
MSGTITLE DarkComet
FTPUSER terrorb
FILEATTRIB 0
COMBOPATH 5
FTPHOST ftp.drivehq.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 123456
NETDATA hostmee.no-ip.org:1604
SH9 1
OFFLINEK 1
GENCODE Mi3.vy9$NTLa
EDTPATH Windupdt\winupdate.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
hostmee.no-ip.org 204.95.99.66 US
Geo Location
Yara Rules
Comments
comments powered by Disqus