Details
FileName | |
---|---|
Malware Family | DarkComet |
Date Added | 2015-08-16 15:12:00 |
MD5 | ff7cc83751190450e516f3d259f13e53 |
Sha256 | b0ab117a18be2fe6adfe38e337328667107fe2cf0eff1b625b6e08f1c48345b5 |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
FTPSIZE | |
---|---|
SH10 | 1 |
MUTEX | DC_MUTEX-5AZ9K5A |
SH9 | 1 |
DIRATTRIB | 0 |
PERSINST | 0 |
GENCODE | p80uYufoX5o1 |
SID | ilyha02 |
SH8 | 1 |
MELT | 0 |
SH6 | 1 |
MSGTITLE | Welcome |
FTPROOT | |
FILEATTRIB | 2 |
OFFLINEK | 1 |
MSGCORE | 57656C636F6D6520746F204461726B436F6D6574205241542E0D0A496620796F75207365652074686973206D6573736167652C206974206D65616E73207468652073747562207375636365737366756C6C792072756E7320616E6420796F752077696C6C206170656172200D0A696E20746865206D61737465722075736572206C6973742E0D0A |
KEYNAME | Microsoft |
PDNS | http://www.chatter.ru/:127.0.1 |
FTPPORT | |
EDTPATH | svcost\svcost.exe |
MSGICON | 64 |
COMBOPATH | 3 |
FAKEMSG | 1 |
NETDATA | ilyha02.ddns.net:1604 |
FTPUPLOADK | |
FWB | 0 |
SH7 | 1 |
FTPPASS | |
FTPHOST | |
PWD | |
FTPUSER | |
SH5 | 1 |
EDTDATE | 16/04/2007 |
CHANGEDATE | 0 |
INSTALL | 1 |
Virustotal
46 out of 56 AV Engines identified the sample as Malicious.