Details
Malware Family DarkComet
Date Added Aug. 10, 2015, 5:55 p.m.
MD5 f5eaed28e08c004ac569ed68ee1bfb2b
Sha256 9d0a1c76ec6c15246be6ebdc2dffab86f8f98c7f9c95d5c494d454a21b49b1eb
Robot Robots lovingly delivered by robohash.org
Config Sections
FTPPORT
FWB
FTPROOT
KEYNAME DarkComet RAT
MUTEX DCMIN_MUTEX-K3RBBFG
INSTALL 1
SID Guest16_min
FTPPASS
FTPUSER
COMBOPATH 7
FTPHOST
FTPUPLOADK
PWD
NETDATA xawmyet.no-ip.biz:1604
OFFLINEK 1
GENCODE 6JtLS8MS9rL7
FTPSIZE
EDTPATH DCSCMIN\IMDCSC.exe
Advertising
VirusTotal

49 out of 56 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
xawmyet.no-ip.biz 95.159.91.188 IQ
Geo Location
Yara Rules
Comments
comments powered by Disqus