Details
FileName
Malware Family PredatorPain
Date Added 2016-01-10 23:14:06
MD5 196c098eddda7b10ed015f83b20e0da9
Sha256 ac54ea7bbfd1161490be3ff660848681a5d73f51e31278e7b6f2af1f4c095ff3
C2 Data
SMTP Server smtp.yandex.ru
PHP Link http://www.DeceptiveEngineering.com/path/logs.php
Bound Files False
Use Email yesemail
Email Address baron.alvin@yandex.com
FTP Pass password
SMTP Port 587
Download & Exec downloadfiles
Use FTP noftp
FTP Host ftp.host.com
FTP User username
Email Password manny147
Use PHP nophp
Interval Timer 120000
Version Predator Pain v13
Virustotal

41 out of 55 AV Engines identified the sample as Malicious.


C2 Information
Domain FQDN IP Country Code
127.0.0.1 0