Details
FileName
Malware Family DarkComet
Date Added 2015-11-07 17:33:19
MD5 94fb461080c93f75f53104cb45f8c8b0
Sha256 9416219024a207a69071d6a0ce7c22e4650ac857aec3660da1dfea209d60b27b
C2 Data
FTPSIZE 200
MUTEX DC_MUTEX-936PEL9
SH9 1
DIRATTRIB 0
FTPPORT 21
CHIDEF 1
SH10 1
CHANGEDATE 0
MSGTITLE ERROR module specified undetected
FTPROOT /home/indianha/public_html/dabas
MULTIBIND 1
OFFLINEK 1
KEYNAME Explorer
EDTPATH WindowsUpdate.exe
COMBOPATH 2
FILEATTRIB 0
FAKEMSG 1
NETDATA isacredspectre1.ddns.net:25565|isacredspectre1.ddns.net:1604|127.0.0.1:80
FTPUPLOADK
SH1 1
FWB 0
PWD ISREAL1948
SH3 1
INSTALL 1
SID Guest16
SH6 1
MSGCORE 6572726F7220736869656C64206D6F64756C652073706563696669656420756E64657465637465642023313738
PERSINST 0
OVDNS 1
SH8 1
MELT 0
CHIDED 1
PERS 1
PDNS www.norton.com:localhost
MSGICON 16
GENCODE jeuAU1aW70m6
BIND 1
SH7 1
FTPPASS fuckm3!fy0uc@n
FTPHOST ftp.indianhacker.in
FTPUSER dabas@indianhacker.in
SH4 1
SH5 1
EDTDATE 16/04/2007
Virustotal

50 out of 57 AV Engines identified the sample as Malicious.

C2 Information
Domain FQDN IP Country Code
127.0.0.1 0