Details
FileName
Malware Family Sakula
Date Added 2016-03-20 03:00:03
MD5 f016c7d0f46794a39a6919a17ac02d8b
Sha256 59b25f8365682e3c01e7ac5c536d095fdc7250e46c14cda0f8dedfd9de42ad68
C2 Data
1_Copy File Name AdobeUpdate.exe
1_URI GET1 Folder /photo/
1_AutoRun Key AdobeUpdate
1_Copy File Path %Temp%\MicroMedia
1_URI GET3 Arg imageid
1_Campaign ID qzbwcl
1_URI GET3 File newimage.asp
1_Domain www.savmpet.com
1_Waiting Time 30000
1_URI GET2 File /viewphoto.asp
Virustotal

0 out of 0 AV Engines identified the sample as Malicious.

C2 Information
Domain FQDN IP Country Code
savmpet.com www.savmpet.com 69.195.129.72 US