Details
Malware Family DarkComet
Date Added May 25, 2016, 3 a.m.
MD5 c2faa5f03cc2f8fd94c521e2163e22d0
Sha256 2fec47d62a331a19bb9ac1df3c13d3407fee714eb305f353678695896c39c4e8
Config Sections
FWB 0
SID Guest16
FTPPASS 0123456789
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-F54S21D
FILEATTRIB 6
EDTDATE 16/04/2007
NETDATA innobuzzter.no-ip.biz:16045
GENCODE uhTgqHRk6Grf
EDTPATH MSDCSC\msdcsc.exe
MSGICON 0
FTPPORT 21
INSTALL 1
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 48656C6C6F207468616E6B20796F7520666F72207573696E67206F757220736F6674776172652E
FTPSIZE 10
FAKEMSG 1
MULTIBIND 1
CHANGEDATE 1
PDNS 10.5.50.125:drhackerstar.no-ip.biz
MSGTITLE Welcome
FTPUSER suhas
OVDNS 1
COMBOPATH 7
FTPHOST www.suhas.my3gb.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD fsszika1
SH9 1
OFFLINEK 1
VirusTotal

53 out of 57 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
innobuzzter.no-ip.biz 0
Yara Rules