Details
Malware Family: Sakula
Date Added: April 24, 2016, 6:49 a.m.
MD5: 678ca032a9d3ba88d4651528f06f5612
SHA256: 2fe5fbea5535a17f1d69ca84ce2f8308093460e9f355f4ed79385d5b837d8ddf
Config Sections
1_Copy File Name: AdobeUpdate.exe
1_Waiting Time: 30000
1_URI GET3 File: newimage.asp
1_URI GET1 Folder: /photo/
1_Copy File Path: %Temp%\MicroMedia
1_AutoRun Key: AdobeUpdate
1_Domain: www.savmpet.com
1_URI GET2 File: /viewphoto.asp
1_URI GET3 Arg: imageid
1_Campaign ID: qzbwcl
VirusTotal

45 out of 57 AVs identified the sample as malicious.

Virus Total Report

Domain Data
Domain: www.savmpet.com
IP: 69.195.129.72
Country Code: US
Yara Rules