Details
Malware Family DarkComet
Date Added Sept. 21, 2017, 6:25 a.m.
MD5 f013b803a4a3d91cb021b6fce0ed1b48
SHA256 da5f6f0419983f05fdb1699e8184c94b2e2a263216e2c39165145dafc9127dd0
Config Sections
MSGICON 16
MSGTITLE Windows Uygulama Hatas
FTPPORT
FWB 0
SH6 1
FTPROOT
SH9 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-UEAPXNG
MELT 0
INSTALL 1
SID Guest16
SH4 1
FTPPASS
PERSINST 0
DIRATTRIB 6
FTPUSER
SH5 1
COMBOPATH 7
FTPHOST
SH8 1
FILEATTRIB 6
FTPUPLOADK
SH7 1
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA lossehelin.duckdns.org :81
MSGCORE 57696E646F777320627520757967756C616D6179FD2064757264757264752E
OFFLINEK 1
GENCODE bFjJUzTVzwqm
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

54 out of 56 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
lossehelin.duckdns.org 0
Geo Location
Yara Rules