Details
Malware Family DarkComet
Date Added Jan. 30, 2016, 3 a.m.
MD5 eccc390b61c3e7883c327131262aad83
Sha256 8b4b00434bde2cc17ac8efce8cd13d9093e9cab41e77bd23b2d8f40a994d7813
Config Sections
FWB 0
SID 0808
FTPPASS 0123456789
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-V6A6AVK
FILEATTRIB 6
EDTDATE 16/04/2007
NETDATA nevermindxxx.dyndns.info:1604
GENCODE bNyyRtCtYA85
EDTPATH MSDCSC\msdcsc.exe
MSGICON 64
FTPPORT 21
INSTALL 1
PERSINST 1
DIRATTRIB 6
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 4C6F6164696E6720506C656173652057616974
FTPSIZE 10
FAKEMSG 1
MULTIBIND 1
CHANGEDATE 0
PDNS hou2764.ddns.net:localhost
MSGTITLE Welcome
FTPUSER username
OVDNS 1
COMBOPATH 7
FTPHOST ftp.yourhost.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 0123456789
SH9 1
OFFLINEK 1
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain IP Country Code
nevermindxxx.dyndns.info 0
Geo Location
Yara Rules