Details
Malware Family: Sakula
Date Added: March 10, 2016, 3 a.m.
MD5: bfa28b417996d5526b2dced7ad3ccbbe
SHA256: 1a74273ec4ff3676596b88cb58af7fdc211f4a8c5f13517c40dc5498ad06a0fe
Config Sections
1_Copy File Name: AdobeUpdate.exe
1_Waiting Time: 30000
1_URI GET3 File: newimage.asp
1_URI GET1 Folder: /photo/
1_Copy File Path: %Temp%\MicroMedia
1_AutoRun Key: AdobeUpdate
1_Domain: www.savmpet.com
1_URI GET2 File: /viewphoto.asp
1_URI GET3 Arg: imageid
1_Campaign ID: qzbwcl
VirusTotal

40 out of 57 AVs identified the sample as malicious

Domain Data
Domain | IP | Country Code
www.savmpet.com | 69.195.129.72 | US