Details
Robot
FileName
Malware Family DarkComet
Date Added 2016-04-22 06:28:28
MD5 e8077aa2097bcb87f45ad4a82ef58857
Sha256 0ee5240425e2a0252fea0550cf1bbfe64e90d0dfebe01bcbb5a6bc30b7f3066d
Robot Robots lovingly delivered by robohash.org
Advertising
Config Data
FTPSIZE 200
SH10 1
MUTEX DC_MUTEX-P0TLWKQ
SH9 1
DIRATTRIB 0
FTPPORT 21
CHIDEF 1
FAKEMSG 1
SID Guest177
OVDNS 1
BIND 1
SH8 1
MSGICON 0
SH6 1
CHIDED 1
FTPROOT /
MSGTITLE HATA
PERS 1
OFFLINEK 1
MSGCORE 50726F6772616D2053697374656D696E697A6C65205579756D6C75204465F0696C204CFC7466656E2047FC6E63656C6C6579696E202121
CHANGEDATE 0
KEYNAME MicrosoftUpdate
PDNS zzcc1212.codns.com:localhost|121.67.32.98:localhost
PERSINST 0
EDTPATH MSDCSC\msdcsc.exe
MELT 0
COMBOPATH 2
FILEATTRIB 0
GENCODE J0vCg2Ps0r3Y
NETDATA mvkeylogg.hopto.org:100
FTPUPLOADK 1
SH1 1
FWB 0
SH7 1
FTPPASS 112730500
FTPHOST ftp.hospitalsanbernardo.com.ar
PWD 112730500
FTPUSER root@hospitalsanbernardo.com.ar
SH4 1
SH5 1
EDTDATE 16/04/2007
SH3 1
INSTALL 1
Virustotal

52 out of 57 AV Engines identified the sample as Malicious.

Virustotal Report