Details
Robot
FileName
Malware Family DarkComet
Date Added 2016-04-22 06:28:28
MD5 b3c6ae9936f438a0697d1ffaa29ae1f7
Sha256 40c32681214db313b473a19f51f9c438d14495169907f783fbf1bc7bc895f54c
Robot Robots lovingly delivered by robohash.org
Advertising
Config Data
FTPSIZE 200
SH10 1
MUTEX DC_MUTEX-JKNHM2A
SH9 1
DIRATTRIB 6
FTPPORT 21
CHIDEF 1
FAKEMSG 1
SID Guest16
OVDNS 1
BIND 1
SH8 1
MSGICON 48
SH6 1
CHIDED 1
FTPROOT /
MSGTITLE HATA
PERS 1
OFFLINEK 1
MSGCORE 42DD4C47DD5341594152494E495A20494E2053DD5354454D20D65A454C4CDD4B4C4552DD2059455445524CDD204445D0DD4C44DD522E
CHANGEDATE 1
KEYNAME MicroUpdate
PDNS zzcc1212.codns.com:localhost|121.67.32.98:localhost
PERSINST 1
EDTPATH MSDCSC\msdcsc.exe
MELT 0
COMBOPATH 2
FILEATTRIB 6
GENCODE XowQPkNJ8e46
NETDATA awakerust.sytes.net:1604|awakerust.sytes.net:81
FTPUPLOADK 1
SH1 1
FWB 0
SH7 1
FTPPASS 112730500
FTPHOST ftp.hospitalsanbernardo.com.ar
PWD 112730500
FTPUSER root@hospitalsanbernardo.com.ar
SH4 1
SH5 1
EDTDATE 16/04/2007
SH3 1
INSTALL 1
Virustotal

51 out of 56 AV Engines identified the sample as Malicious.

Virustotal Report