Details
Robot
FileName
Malware Family DarkComet
Date Added 2016-05-25 03:00:04
MD5 978b99662aca5700791f19ebc321d374
Sha256 3da60ee441c81cd5487f5bf22e767f442a843f7318839dc3f006fc715d34db80
Robot Robots lovingly delivered by robohash.org
Advertising
C2 Data
FTPSIZE 10
SH10 1
MUTEX DC_MUTEX-XM2CF60
SH9 1
DIRATTRIB 6
FTPPORT 21
CHIDEF 1
FAKEMSG 1
SID K
OVDNS 1
BIND 1
SH8 1
MSGICON 48
SH6 1
CHIDED 1
FTPROOT \victim
MSGTITLE Error 401
PERS 1
OFFLINEK 1
MULTIBIND 1
MSGCORE Der Dienst ist nicht gestartet
CHANGEDATE 1
KEYNAME MicroUpdate
PERSINST 1
EDTPATH MSDCSC\msdcsc.exe
MELT 0
COMBOPATH 7
FILEATTRIB 6
GENCODE mMzcP9euZr9D
NETDATA 96.37.209.152:1604
FTPUPLOADK 1
SH1 1
FWB 1
SH7 1
FTPPASS Quasimodo2448
FTPHOST eraa.zzl.org
PWD 0123456789
FTPUSER eraa_zzl
SH4 1
SH5 1
EDTDATE 16/04/2007
SH3 1
INSTALL 1
Virustotal

0 out of 0 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
96.37.209.152 US