Details
FileName | |
---|---|
Malware Family | Sakula |
Date Added | 2016-04-24 06:49:23 |
MD5 | 8d0f4bf6986e8d047d6eea0ef90efe9d |
Sha256 | 465673d5c32a71dc86986f7e2ca3f6e3ee88b5f2d6eba15e07f163a4018ddf8b |
Robot | Robots lovingly delivered by robohash.org |
Advertising
Config Data
2_URI GET3 Arg | imageid |
---|---|
2_URI GET2 File | /viewphoto.asp |
2_AutoRun Key | MicroMedia |
1_AutoRun Key | MicroMedia |
2_URI GET1 Folder | /photo/ |
1_URI GET3 Arg | imageid |
1_Domain | www.polarroute.com |
1_URI GET3 File | newimage.asp |
2_Copy File Path | %Temp%\MicroMedia |
2_Domain | www.northpoleroute.com |
2_Campaign ID | honeywell |
1_Copy File Name | MediaCenter.exe |
1_URI GET1 Folder | /photo/ |
1_URI GET2 File | /viewphoto.asp |
2_Copy File Name | MediaCenter.exe |
1_Copy File Path | %Temp%\MicroMedia |
1_Campaign ID | honeywell |
2_Waiting Time | 30000 |
1_Waiting Time | 30000 |
2_URI GET3 File | newimage.asp |
Virustotal
0 out of 0 AV Engines identified the sample as Malicious.