Details
Malware Family DarkComet
Date Added April 23, 2017, 6:25 a.m.
MD5 a50fbb976cb47fd79ed6458a5edb3b60
Sha256 65aedc82af755510ff3b923e8ceb63b69c50cd35a9dc7e24d89273e31a4d1ee6
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 16
SH10 1
CHIDEF 1
CHIDED 1
MSGTITLE HACKLENDNZ
FTPPORT 21
FWB 0
SH6 1
FTPROOT /
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-8ZH339V
MELT 1
INSTALL 1
SID Guest16
SH4 1
FTPPASS 0123456789
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
FTPUSER username
SH5 1
COMBOPATH 7
FTPHOST ftp.yourhost.com
SH8 1
FILEATTRIB 6
FTPUPLOADK 1
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA 127.0.0.1:1604
MSGCORE 417979FD6C64FD7A2054696D20456B696269205461726166FD6E64616E20576F6C667465616D204861636B204B756C6C616E64FDF0FD6EFD7A20DDE7696E204861636B6C656E64696E697A
OFFLINEK 1
GENCODE giHq8we9Rm8P
FTPSIZE 10
CHANGEDATE 1
EDTPATH MSDCSC\msdcsc.exe
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
127.0.0.1 0
Geo Location
Yara Rules
Comments
comments powered by Disqus