Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 5:23 p.m.
MD5 94d068974cb984b15fb787b235249b00
Sha256 89ff7b47a2c82a201d134abc0fba47b9490aca5ac08cc3eff170d9b098862439
Config Sections
MSGICON 64
FTPPORT 21
FWB 0
MELT 1
INSTALL 1
SID Guest16
FTPPASS fuckm3!fy0uc@n
PERSINST 1
DIRATTRIB 2
CHIDEF 1
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
SH9 1
FTPSIZE 200
FAKEMSG 1
PERS 1
MULTIBIND 1
SH3 1
CHANGEDATE 0
SH1 1
FTPROOT /home/indianha/public_html/dabas
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-BAHEJ2M
MSGTITLE Sripts for Minecraft
FTPUSER dabas@indianhacker.in
FILEATTRIB 2
OVDNS 1
COMBOPATH 3
FTPHOST ftp.indianhacker.in
BIND 1
FTPUPLOADK
EDTDATE 16/04/2007
PWD abido
NETDATA ratted12.zapto.org:1604
MSGCORE 496E7374616C6C2073726970747320666F72204D696E6563726166742073756363657366756C6C
PDNS www.norton.com:localhost
OFFLINEK 1
GENCODE VRjZoQXb11tT
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

50 out of 56 AVs identified the sample as malicious

Domain Data
Domain IP Country Code
ratted12.zapto.org 0
Geo Location
Yara Rules