Details
Malware Family DarkComet
Date Added Aug. 4, 2017, 6:25 a.m.
MD5 efe03a78b4534a629dc16c5dd5130cf0
Sha256 900b909f44e0cf47573d171f7be8f6b8a3dcf8e860f00d703976f8eb7dcb260e
Config Sections
MSGICON 48
MSGTITLE Windows
FTPPORT
FWB 0
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-5JBSP1Q
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 6
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA fannii.ddns.net:1604
MSGCORE 446F7379612042756C756E616D6164FD2021
OFFLINEK 1
GENCODE B0hljFmC1w6M
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

62 out of 65 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
fannii.ddns.net 0
Geo Location
Yara Rules