Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2016-04-22 06:28:28 |
MD5 | e0561b2db124ecba2fc308cf9118d935 |
Sha256 | 19824d0d7f5509236cc213d7ddf9032527c4837ffcf59b35db96f7caf90e0065 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 200 |
---|---|
SH10 | 1 |
MUTEX | DC_MUTEX-YD6E2VX |
SH9 | 1 |
DIRATTRIB | 6 |
FTPPORT | 21 |
CHIDEF | 1 |
FAKEMSG | 1 |
SID | test |
OVDNS | 1 |
BIND | 1 |
SH8 | 1 |
MSGICON | 16 |
SH6 | 1 |
CHIDED | 1 |
FTPROOT | / |
MSGTITLE | error |
PERS | 1 |
OFFLINEK | 1 |
MSGCORE | 46616C6C6F206C6120696E7374616C6163696F6E20786D6963726F64636F6D2E646C6C |
CHANGEDATE | 0 |
KEYNAME | MicroUpdate |
PDNS | zzcc1212.codns.com:localhost|121.67.32.98:localhost |
PERSINST | 1 |
EDTPATH | MSDCSC\msdcsc.exe |
MELT | 1 |
COMBOPATH | 7 |
FILEATTRIB | 6 |
GENCODE | 4R9A5AxUnsi8 |
NETDATA | kryptyko.sytes.net:6000 |
FTPUPLOADK | 1 |
SH1 | 1 |
FWB | 0 |
SH7 | 1 |
FTPPASS | 112730500 |
FTPHOST | ftp.hospitalsanbernardo.com.ar |
PWD | 112730500 |
FTPUSER | root@hospitalsanbernardo.com.ar |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
SH3 | 1 |
INSTALL | 1 |
Virustotal
52 out of 57 AV Engines identified the sample as Malicious.