Collection of Upatre Samples (alpha version)

Config File for 016bd303201b714c06fc8be0f3189c90

md5: 016bd303201b714c06fc8be0f3189c90
source: virusshare
link: download.4n6?sample=8a7d7a9048b3036d82e25cfdd28256e6d43c040c1999086376078a5ecabe800f
malware_name: Gycijaba.exe
temp_file: Gyci7EC9.txt
scandate: 2015-07-22 15:14:23
parsed: 2015-09-14 14:48:01
decrypt_keys: 3e51cf28
check_keys: 74090789
c2_server: 188.120.194.101
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/538.37 (KHTML, like Gecko) Chrome/44.0.2457.82 Safari/538.37
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 20
nr_delivery_sites: 19
nr_delivery_sites_online: 2
nr_payloads: 1
ksa: rol
pdir: UAM
delivered payloads:
1: fff49761e5f527cc4bfa23a3edd8cd30
downloaded: 2015-09-14 14:48:01
scanned (on VT): 2015-06-17 15:23:16
positives: 34 / 57
detected as:
MicroWorld-eScan: Gen:Variant.Dyzap.16
CAT-QuickHeal: Backdoor.NetWiredRC.B4
ALYac: Gen:Variant.Dyzap.16
Malwarebytes: Spyware.Dyre
VIPRE: BehavesLike.Win32.Malware.bsf (vs)
NANO-Antivirus: Trojan.Win32.Dyre.dstzpj
F-Prot: W32/Dropper.gen8!Maximus
ByteHero: Virus.Win32.Part.c
TrendMicro-HouseCall: TSPY_DYRE.YYSLB
Avast: Win64:Malware-gen
GData: Gen:Variant.Dyzap.16
Kaspersky: Trojan-Banker.Win32.Dyre.ms
BitDefender: Gen:Variant.Dyzap.16
Tencent: Trojan.Win32.Qudamah.Gen.7
Ad-Aware: Gen:Variant.Dyzap.16
Emsisoft: Gen:Variant.Dyzap.16 (B)
Comodo: TrojWare.Win32.PWS.Dyzap.MY
F-Secure: Gen:Variant.Dyzap.16
DrWeb: DLOADER.Trojan
TrendMicro: TSPY_DYRE.YYSLB
Sophos: Troj/Jaiko-A
Cyren: W64/Trojan.EOPK-2648
Jiangmin: Trojan/Banker.Dyre.bq
Avira: W32/Etap
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: Trojan.Dyzap.16
Microsoft: PWS:Win32/Dyzap
AhnLab-V3: Trojan/Win32.Battdil
AVware: BehavesLike.Win32.Malware.bsf (vs)
VBA32: suspected of Trojan.Downloader.gen.h
ESET-NOD32: Win32/Battdil.T
Ikarus: Trojan-Banker.Win32.Dyre
AVG: Generic_r.FEN
Panda: Trj/Genetic.gen
not detected by:
Bkav, TotalDefense, nProtect, CMC, SUPERAntiSpyware, K7AntiVirus, Alibaba, K7GW, TheHacker, Symantec, ClamAV, Agnitum, AegisLab, Zillya, McAfee-GW-Edition, Kingsoft, ViRobot, McAfee, Baidu-International, Zoner, Rising, Fortinet, Qihoo-360
delivery sites: