Details
Malware Family DarkComet
Date Added May 14, 2019, 6:25 a.m.
MD5 df577ed4df4a7ff3f219b54793fa4249
Sha256 3c9239c55f113c551e95a2c1611544af9c2644bd18f1149c4bcc65422c9b498b
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPPORT
FWB 0
SH6 1
FTPROOT
SH10 1
KEYNAME stemci Sunucu
MUTEX DC_MUTEX-F54S21D
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 0
DIRATTRIB 2
SH1 1
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
EDTDATE 16/04/2007
PWD
NETDATA nonmo.duckdns.org:3323
SH9 1
OFFLINEK 1
GENCODE hiYnzVR4NUDG
FTPSIZE
CHANGEDATE 0
EDTPATH csrss\csrss.exe
Advertising
VirusTotal

57 out of 69 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
nonmo.duckdns.org 95.65.129.254 TR
Geo Location
Yara Rules
Comments
comments powered by Disqus