Details
Malware Family DarkComet
Date Added April 14, 2016, 6:52 a.m.
MD5 dd3bbe51f081cf3c2d88c5a8b639c889
Sha256 09a60d99e4134092e42c5520a834fb909aa016f37302b5c637a4304e7f3816c8
Config Sections
CHIDEF 1
FTPPORT
FWB 0
SH6 1
FTPROOT
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-SYEDVBV
MELT 0
INSTALL 1
SID 2o
SH4 1
FTPPASS
PERSINST 1
DIRATTRIB 6
SH1 1
CHIDED 1
FTPUSER
SH5 1
COMBOPATH 10
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PERS 1
PWD
SH3 1
NETDATA bogdan55.ddns.net:1604
SH9 1
OFFLINEK 1
GENCODE aCULuFSBLvpb
FTPSIZE
CHANGEDATE 0
EDTPATH Windows\Microsoft Framework2.40.5
VirusTotal

50 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
bogdan55.ddns.net 92.113.61.193 UA