Details
Malware Family DarkComet
Date Added Aug. 10, 2015, 5:53 p.m.
MD5 a26428679aed6599842aa696e4c86b4c
Sha256 8d2450dc95c8f1bed6d72793d7657a22f215fbedbe3c768d59f65702f55e4cec
Config Sections
FTPPORT
FWB
FTPROOT
KEYNAME DarkComet RAT
MUTEX DCMIN_MUTEX-4UP3UYP
INSTALL 1
SID Guest16_min
FTPPASS
FTPUSER
COMBOPATH 7
FTPHOST
FTPUPLOADK
PWD
NETDATA sulpfur.ddns.net:999
OFFLINEK 1
GENCODE wHZuvKAKNWHr
FTPSIZE
EDTPATH DCSCMIN\IMDCSC.exe
VirusTotal

49 out of 55 AV engines identified the sample as malicious

Domain Data
Domain | IP | Country Code
sulpfur.ddns.net | 79.202.2.127 | DE