Details
Malware Family DarkComet
Date Added May 27, 2018, 6:25 a.m.
MD5 c65c3c8c4035481a6833394476c82ff1
Sha256 0d3cddf66b626003720d19ea89cf58d4031060f8e74f0b8bd268fd2a46f9fe2f
Robot Robots lovingly delivered by robohash.org
Config Sections
MSGICON 0
CHIDEF 1
MSGTITLE Pinguin
FTPPORT
FWB 0
FTPROOT
KEYNAME Server Runtime Subsystem
MUTEX DC_MUTEX-8Y1MND3
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 4
SH1 1
CHIDED 1
FTPUSER
COMBOPATH 5
FTPHOST
FILEATTRIB 4
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA 176.114.132.28:1605
MSGCORE 496E6A6563742073756363657366756C6C
OFFLINEK 1
GENCODE gLMYpimEbUoE
FTPSIZE
CHANGEDATE 0
EDTPATH system32\csrss.exe
Advertising
VirusTotal

57 out of 65 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
176.114.132.28 RU
Geo Location
Yara Rules
Comments
comments powered by Disqus