Details
Malware Family DarkComet
Date Added May 25, 2016, 3 a.m.
MD5 a2db93e822526c144eae6efb531596cd
Sha256 292d7aef1f7f6164aba1cfd87e96dcc2b51fc1bc68e4ef475e6f97a213cbf047
Config Sections
FWB 0
SID Guest16
FTPPASS 12qwaszX
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /Logs
SH10 1
KEYNAME Microappls
MUTEX DC_MUTEX-U4974RQ
FILEATTRIB 3
EDTDATE 30/04/2012
NETDATA 127.0.0.1:1604
GENCODE MZnw9rQpqHrb
EDTPATH windows\apps.exe
MSGICON 0
FTPPORT 21
INSTALL 1
PERSINST 1
DIRATTRIB 3
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE Hello is virus
FTPSIZE 1000
FAKEMSG 1
MULTIBIND 1
CHANGEDATE 1
PDNS 127.0.0.1:virustotal.com|127.0.0.1:www.virustotal.com
MSGTITLE mdrr
FTPUSER xcursayer
OVDNS 1
COMBOPATH 3
FTPHOST ftp.drivehq.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 1234554321
SH9 1
OFFLINEK 1
VirusTotal

52 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
127.0.0.1 0
Geo Location
Yara Rules