Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2015-11-07 20:02:49 |
MD5 | 994dff4c26aade6da7c48ca3f6b605c9 |
Sha256 | e54b8e07c0c247c2d89d7dc7739cbfc595df9b65b6e9bd820b7bed871e78a21e |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 10 |
---|---|
SID | Microsoft006 |
SH6 | 1 |
SH9 | 1 |
DIRATTRIB | 2 |
FTPPORT | 21 |
CHIDEF | 1 |
GENCODE | b55r%iLE/kmc |
SH10 | 1 |
SH8 | 1 |
MSGICON | 16 |
CHANGEDATE | 0 |
CHIDED | 1 |
FTPROOT | /darkcomet |
MSGTITLE | Windows |
PERS | 1 |
OFFLINEK | 1 |
MSGCORE | 5468652066696C652069732064656D61676564206F7220646F6573206E6F74206578697374 |
FTPUPLOADK | |
KEYNAME | WinUpdater |
PERSINST | 1 |
EDTPATH | MSDCSC\msdcsc.exe |
MELT | 0 |
COMBOPATH | 0 |
FILEATTRIB | 2 |
FAKEMSG | 1 |
NETDATA | mylovely.zapto.org:1604 |
MUTEX | DC_MUTEX-PV1GFUS |
SH1 | 1 |
FWB | 1 |
SH7 | 1 |
FTPPASS | lkjuh787yhg40*** |
FTPHOST | shops.walnmar.com |
PWD | Ppghytu&*&^^[]09\\\]][] |
FTPUSER | admin@walnmar.com |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
SH3 | 1 |
INSTALL | 1 |
Virustotal
45 out of 51 AV Engines identified the sample as Malicious.