Details
Malware Family: Sakula
Date Added: April 24, 2016, 6:49 a.m.
MD5: a59122a204b131f29b449c8d5780e3f2
SHA256: 164aa4ecbec0f665d42d37084afcd489959f4a0be9f9c3bdc0ed5a0c9278cd39
Config Sections
1_Copy File Name: AdobeUpdate.exe
1_Waiting Time: 30000
1_URI GET3 File: newimage.asp
1_URI GET1 Folder: /photo/
1_Copy File Path: %Temp%\MicroMedia
1_AutoRun Key: AdobeUpdate
1_Domain: www.savmpet.com
1_URI GET2 File: /viewphoto.asp
1_URI GET3 Arg: imageid
1_Campaign ID: qzbwcl
VirusTotal

43 out of 57 AV engines identified the sample as malicious


Domain Data
Domain | IP | Country Code
www.savmpet.com | 69.195.129.72 | US