Details
Malware Family DarkComet
Date Added Nov. 7, 2015, 3:02 p.m.
MD5 a2cb205be5800aa6ada65d2a37f4550a
Sha256 a3b7ddfbc44a151ba0783c6a19b23c66d1f265974293019a7876e86d67e015cd
Config Sections
MSGICON 16
FTPPORT 21
FWB 0
EDTDATE 16/04/2007
INSTALL 1
SID Guest16
FTPPASS bouwahi
PERSINST 0
DIRATTRIB 6
CHIDEF 1
CHIDED 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE Missing Dll 32
FTPSIZE 10
FAKEMSG 1
PERS 1
PDNS 127.0.0.1:localhost
CHANGEDATE 0
SH1 1
FTPROOT /logs
SH10 1
KEYNAME windows
MUTEX DC_MUTEX-9EQ98EY
MSGTITLE Missing Dll 32
FTPUSER terrorb
FILEATTRIB 6
COMBOPATH 7
FTPHOST ftp.drivehq.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD jojoguy
NETDATA jakeztrainer.no-ip.biz:1604
SH9 1
OFFLINEK 1
GENCODE GYVGp5oo1z8k
EDTPATH windows\windows.exe
VirusTotal

46 out of 51 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
jakeztrainer.no-ip.biz 0
Geo Location
Yara Rules