Details
Malware Family: Sakula
Date Added: April 24, 2016, 6:49 a.m.
MD5: 89ac8a20755318ee58e8e3a4e11e40b5
SHA256: 2f737193c027c5c2e538e74fd1a0430f4e6c664652a317c3e88202b4b04c97c1
Config Sections
1_Copy File Name: AdobeUpdate.exe
1_Waiting Time: 30000
1_URI GET3 File: newimage.asp
1_URI GET1 Folder: /photo/
1_Copy File Path: %Temp%\MicroMedia
1_AutoRun Key: AdobeUpdate
1_Domain: www.savmpet.com
1_URI GET2 File: /viewphoto.asp
1_URI GET3 Arg: imageid
1_Campaign ID: qzbwcl
VirusTotal

46 out of 57 AVs identified the sample as malicious

VirusTotal Report

Domain Data
Domain | IP | Country Code
www.savmpet.com | 69.195.129.72 | US