Details
FileName
Malware Family PredatorPain
Date Added 2016-06-30 12:48:50
MD5 b06543dd502c433cf7d0fa19582cfe9b
Sha256 8b3e30ae7b13e66c6f856b152b9b4329fa4e5b1a31c27491484679c589b63a0c
C2 Data
SMTP Server smtp.mail.com
PHP Link http://www.DeceptiveEngineering.com/path/logs.php
Bound Files False
Use Email yesemail
Email Address keylogaim@mail.com
FTP Pass password
SMTP Port 587
Download & Exec downloadfiles
Use FTP noftp
FTP Host ftp.host.com
FTP User username
Email Password 14789Chris@
Use PHP nophp
Interval Timer 60000000
Version Predator Pain v13
Virustotal

45 out of 56 AV Engines identified the sample as Malicious.

C2 Information
Domain no-ip.org
FQDN bechar.no-ip.org
IP 204.95.99.193
Country Code US