Details
FileName
Malware Family DarkComet
Date Added 2015-11-07 18:12:13
MD5 9714d442e3665235e38313f9b35d988a
Sha256 7174022d0c279b41eaba621f21e2c6444806d7d2539723e31aae3c22a77b17fd
C2 Data
FTPSIZE 10
SID Guest16
SH6 1
SH9 1
DIRATTRIB 6
FTPPORT 21
CHIDEF 1
SH10 1
SH8 1
MELT 0
CHANGEDATE 0
CHIDED 1
FTPROOT C:\Keylogger
PERS 1
OFFLINEK 1
FTPUPLOADK
KEYNAME winupdater
PDNS 127.0.0.1:localhost
PERSINST 0
EDTPATH Windupdt\winupdate.exe
COMBOPATH 0
FILEATTRIB 6
GENCODE b/8*6BRl$bm4
NETDATA 127.0.0.1:1606
MUTEX DC_MUTEX-QG5XNYD
FWB 0
SH7 1
FTPPASS 2214255
FTPHOST 192.168.1.103
PWD tq5bb3leogpb
FTPUSER keyl
SH5 1
EDTDATE 16/04/2007
INSTALL 1
Virustotal

48 out of 51 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
127.0.0.1 0