Details
Malware Family DarkComet
Date Added April 14, 2018, 6:25 a.m.
MD5 fe36d10f6bb264f0059be752f4d5772e
Sha256 d7d60fe86630ea62608bef3e996604e0317b19ffb46c92333c1b31ac1e07cd4b
Config Sections
MSGICON 0
MSGTITLE Loading...
FTPPORT
FWB 0
FTPROOT
KEYNAME MicroUpdate
MUTEX DC_MUTEX-3S6S3Q2
MELT 0
INSTALL 1
SID Guest16
FTPPASS
PERSINST 0
DIRATTRIB 6
CHIDEF 1
CHIDED 1
FTPUSER
COMBOPATH 7
FTPHOST
FILEATTRIB 6
FTPUPLOADK
FAKEMSG 1
EDTDATE 16/04/2007
PERS 1
PWD
NETDATA |bitcometer.ddns.net:3700
MSGCORE 596F757220426C6575204B65792057696C6C2041707065617220536F6F6E2E0D0A0D0A0D0A436C69636B204F4B0D0A
OFFLINEK 1
GENCODE YoeX5Km8oc0T
FTPSIZE
CHANGEDATE 0
EDTPATH MSDCSC\msdcsc.exe
VirusTotal

62 out of 66 AVs identified the sample as malicious


Domain Data
Domain | IP | Country Code
bitcometer.ddns.net | 105.154.28.119 | MA