Details
Malware Family: Sakula
Date Added: April 24, 2016, 6:49 a.m.
MD5: d43b47be68b97d0f4039b86115bc6ea1
SHA256: d2359924fa16f9b2263a5efd041c48b22afc1092c023f3c6e3309b8ffac53c76
Config Sections
1_Copy File Name: AdobeUpdate.exe
1_Waiting Time: 30000
1_URI GET3 File: newimage.asp
1_URI GET1 Folder: /photo/
1_Copy File Path: %Temp%\MicroMedia
1_AutoRun Key: AdobeUpdate
1_Domain: www.savmpet.com
1_URI GET2 File: /viewphoto.asp
1_URI GET3 Arg: imageid
1_Campaign ID: qzbwcl
VirusTotal

45 out of 57 AV engines identified the sample as malicious.


Domain Data
Domain | IP | Country Code
www.savmpet.com | 69.195.129.72 | US