Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2016-04-22 06:28:28 |
MD5 | b3c6ae9936f438a0697d1ffaa29ae1f7 |
Sha256 | 40c32681214db313b473a19f51f9c438d14495169907f783fbf1bc7bc895f54c |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 200 |
---|---|
SH10 | 1 |
MUTEX | DC_MUTEX-JKNHM2A |
SH9 | 1 |
DIRATTRIB | 6 |
FTPPORT | 21 |
CHIDEF | 1 |
FAKEMSG | 1 |
SID | Guest16 |
OVDNS | 1 |
BIND | 1 |
SH8 | 1 |
MSGICON | 48 |
SH6 | 1 |
CHIDED | 1 |
FTPROOT | / |
MSGTITLE | HATA |
PERS | 1 |
OFFLINEK | 1 |
MSGCORE | 42DD4C47DD5341594152494E495A20494E2053DD5354454D20D65A454C4CDD4B4C4552DD2059455445524CDD204445D0DD4C44DD522E |
CHANGEDATE | 1 |
KEYNAME | MicroUpdate |
PDNS | zzcc1212.codns.com:localhost|121.67.32.98:localhost |
PERSINST | 1 |
EDTPATH | MSDCSC\msdcsc.exe |
MELT | 0 |
COMBOPATH | 2 |
FILEATTRIB | 6 |
GENCODE | XowQPkNJ8e46 |
NETDATA | awakerust.sytes.net:1604|awakerust.sytes.net:81 |
FTPUPLOADK | 1 |
SH1 | 1 |
FWB | 0 |
SH7 | 1 |
FTPPASS | 112730500 |
FTPHOST | ftp.hospitalsanbernardo.com.ar |
PWD | 112730500 |
FTPUSER | root@hospitalsanbernardo.com.ar |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
SH3 | 1 |
INSTALL | 1 |
Virustotal
51 out of 56 AV Engines identified the sample as Malicious.