Details
Malware Family DarkComet
Date Added March 23, 2015, 8:29 p.m.
MD5 ca72a915da7dda331f3a91b801fc2afc
Sha256 3e8971374581d5d769dadd97dfba6817bd7599ffceeb75be4057a7ca61b78023
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPKeyLogs
OfflineKeylogger 1
FTPHost
FTPSize
CampaignID Guest16
FTPPort
FTPRoot
FTPPassword
Version #KCMDDC51#
Mutex DC_MUTEX-VK1BVKS
Domains gr.no-ip.biz:1604
Gencode VZP4gd8tfVyc
Password
FTPUserName
FireWallBypass 0
Advertising
VirusTotal

33 out of 54 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
gr.no-ip.biz 94.96.187.150 SA
Geo Location
Yara Rules
Comments
comments powered by Disqus