Details
Malware Family DarkComet
Date Added Sept. 10, 2017, 6:25 a.m.
MD5 9ffb6556cdfecaef4d6a95a4d39c4b2a
Sha256 710738292af4f45f898c1bf47b112656d41ea65f3a46609cba97dc77f184c06c
Config Sections
FTPPORT
FWB 1
SH6 1
FTPROOT
KEYNAME Windows Update
MUTEX DC_MUTEX-7ED6WLZ
MELT 1
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 0
BIND 1
FTPUSER
SH5 1
COMBOPATH 2
FTPHOST
SH8 1
FILEATTRIB 0
FTPUPLOADK
SH7 1
EDTDATE 16/04/2016
PERS 1
PWD
NETDATA faruk01.duckdns.org:63|127.0.0.1:1604|192.168.1.43:1604
SH9 1
OFFLINEK 1
GENCODE qDhx6BQLyssG
FTPSIZE
CHANGEDATE 1
EDTPATH Windows Updater
VirusTotal

60 out of 64 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
faruk01.duckdns.org 78.188.230.239 TR
127.0.0.1 0
192.168.1.43 0
Geo Location
Yara Rules