Collection of Upatre Samples (alpha version)

Config File for 24f9a38471e49cfa484b091b44aacd5a

md5: 24f9a38471e49cfa484b091b44aacd5a
source: virusshare
link: download.4n6?sample=5f963c2b54eb2a8e7c2f1fd73b394cb7a3cdc424161c5966c192424c93977b6e
malware_name: ffxug.exe
temp_file:
scandate: 0000-00-00 00:00:00
parsed: 2015-07-09 15:35:15
decrypt_keys: 1b2cf01b
check_keys:
c2_server: 188.165.204.210
baseport: 9587
useragent: AppUpdate
payload_format: sim
old: 0
clientip:
nr_targets: 2
nr_delivery_sites: 2
nr_delivery_sites_online: 1
nr_payloads: 1
ksa: inc
pdir: 1709us

delivered payloads:
1: 5f9b8dc2ba6818e4b3053ca728590794
downloaded: 2015-07-09 15:35:15
scanned (on VT): 2015-07-09 13:35:29
positives: 24 / 55
detected as:
MicroWorld-eScan: Gen:Variant.Dyreza.4
CAT-QuickHeal: Ransom.Crowti.A4
ALYac: Gen:Variant.Dyreza.4
VIPRE: Trojan.Win32.Kryptik.cns (v)
ESET-NOD32: Win32/Battdil.G
Avast: Win32:Agent-AUDV [Trj]
GData: Gen:Variant.Dyreza.4
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Dyreza.4
Ad-Aware: Gen:Variant.Dyreza.4
Emsisoft: Gen:Variant.Dyreza.4 (B)
F-Secure: Gen:Variant.Dyreza.4
DrWeb: Trojan.Dyre.28
Zillya: Backdoor.Androm.Win32.11507
Sophos: Mal/Zbot-QL
Antiy-AVL: Trojan[Backdoor]/Win32.Androm
Kingsoft: Win32.Hack.Androm.ey.(kcloud)
Arcabit: Trojan.Dyreza.4
AhnLab-V3: Trojan/Win32.Zbot
Microsoft: TrojanDropper:Win32/Dyzap.A
AVware: Trojan.Win32.Kryptik.cns (v)
VBA32: Backdoor.Androm
Fortinet: W32/Kryptik.CMRA!tr
AVG: Dropper.Generic9.XVA
not detected by:
Bkav, TotalDefense, nProtect, Malwarebytes, SUPERAntiSpyware, TheHacker, Alibaba, K7GW, K7AntiVirus, Agnitum, Cyren, Symantec, TrendMicro-HouseCall, ClamAV, NANO-Antivirus, ViRobot, Tencent, Comodo, TrendMicro, McAfee-GW-Edition, F-Prot, Jiangmin, AegisLab, ByteHero, McAfee, Baidu-International, Zoner, Rising, Ikarus, Panda, Qihoo-360
delivery sites:
1: https://dremmon.1sweethost.com/scripts/1709us.kis
2: https://df2lh.privat.t-online.de/scripts/1709us.kis
5f9b8dc2ba6818e4b3053ca728590794