Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2016-04-22 06:28:28 |
MD5 | e8077aa2097bcb87f45ad4a82ef58857 |
Sha256 | 0ee5240425e2a0252fea0550cf1bbfe64e90d0dfebe01bcbb5a6bc30b7f3066d |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | 200 |
---|---|
SH10 | 1 |
MUTEX | DC_MUTEX-P0TLWKQ |
SH9 | 1 |
DIRATTRIB | 0 |
FTPPORT | 21 |
CHIDEF | 1 |
FAKEMSG | 1 |
SID | Guest177 |
OVDNS | 1 |
BIND | 1 |
SH8 | 1 |
MSGICON | 0 |
SH6 | 1 |
CHIDED | 1 |
FTPROOT | / |
MSGTITLE | HATA |
PERS | 1 |
OFFLINEK | 1 |
MSGCORE | 50726F6772616D2053697374656D696E697A6C65205579756D6C75204465F0696C204CFC7466656E2047FC6E63656C6C6579696E202121 |
CHANGEDATE | 0 |
KEYNAME | MicrosoftUpdate |
PDNS | zzcc1212.codns.com:localhost|121.67.32.98:localhost |
PERSINST | 0 |
EDTPATH | MSDCSC\msdcsc.exe |
MELT | 0 |
COMBOPATH | 2 |
FILEATTRIB | 0 |
GENCODE | J0vCg2Ps0r3Y |
NETDATA | mvkeylogg.hopto.org:100 |
FTPUPLOADK | 1 |
SH1 | 1 |
FWB | 0 |
SH7 | 1 |
FTPPASS | 112730500 |
FTPHOST | ftp.hospitalsanbernardo.com.ar |
PWD | 112730500 |
FTPUSER | root@hospitalsanbernardo.com.ar |
SH4 | 1 |
SH5 | 1 |
EDTDATE | 16/04/2007 |
SH3 | 1 |
INSTALL | 1 |
Virustotal
52 out of 57 AV Engines identified the sample as Malicious.