Details
Malware Family DarkComet
Date Added March 28, 2017, 6:25 a.m.
MD5 974c0fd44e60b3a895dfbd1c75ded4cd
Sha256 52c872c2ee82926717397dd4d79c6c410fb9d87eb80af145462053951f157f3a
Config Sections
CHIDEF 1
FTPPORT
FWB 0
FTPROOT
KEYNAME winlogon
MUTEX DC_MUTEX-MYEASET
MELT 1
INSTALL 1
SID OK
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
SH6 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA xose01.ddns.net:1604
OFFLINEK 1
GENCODE YQlKJRCiGfob
FTPSIZE
CHANGEDATE 0
EDTPATH winlogon.exe
VirusTotal

57 out of 61 AVs identified the sample as malicious


Domain Data
Domain IP Country Code
xose01.ddns.net 93.177.183.145 GE