Details
Malware Family DarkComet
Date Added Jan. 30, 2016, 3 a.m.
MD5 fe7de5c4c677b4c2533b1f812b8d4049
Sha256 8f1875b19cf1c80a5c04a048e5de1928e907d4935a581dba11050a0d04d26023
Config Sections
FWB 0
SID Guest16
FTPPASS 0123456789
CHIDEF 1
CHIDED 1
PERS 1
FTPROOT /
SH10 1
KEYNAME MicroUpdate
MUTEX DC_MUTEX-9MJQVT8
FILEATTRIB 6
EDTDATE 16/04/2013
NETDATA virus.zapto.org:1604
GENCODE GGFEhDWnUbRz
EDTPATH MSDCSC\msdcsc.exe
MSGICON 48
FTPPORT 21
INSTALL 1
PERSINST 0
DIRATTRIB 6
SH1 1
SH3 1
SH4 1
SH5 1
SH6 1
SH7 1
SH8 1
MSGCORE 536F7272792C207468652070726F6772616D206973206E6F742061766169626C6520617420746865206D6F6D656E742120506C656173652074727920616761696E206C617465722E
FTPSIZE 10
FAKEMSG 1
MULTIBIND 1
CHANGEDATE 1
PDNS hou2764.ddns.net:localhost
MSGTITLE Error (2959x0)
FTPUSER username
OVDNS 1
COMBOPATH 5
FTPHOST ftp.yourhost.com
BIND 1
FTPUPLOADK 1
MELT 0
PWD 0123456789
SH9 1
OFFLINEK 1
VirusTotal

50 out of 55 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
virus.zapto.org 0
Geo Location
Yara Rules