Collection of Upatre Samples (alpha version)

Config File for 27b8537a3b519a4314f5ace5c762cb6b

md5
27b8537a3b519a4314f5ace5c762cb6b
source
n/a
link
n/a
malware_name
avgbrowse.exe
temp_file
scandate
0000-00-00 00:00:00
parsed
2015-07-06 21:55:03
decrypt_keys
1fa71e24
check_keys
c2_server
38.65.142.12
baseport
9587
useragent
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.34 (KHTML, like Gecko) Chrome/43.0.2457.82
payload_format
sim
old
0
clientip
icanhazip.com
nr_targets
51
nr_delivery_sites
50
nr_delivery_sites_online
46
nr_payloads
1
ksa
dec
pdir
GETB
delivered payloads:
1
23c98238e9f8a347229bcdd05059d401
downloaded
2015-07-04 00:04:15
scanned (on VT)
2015-07-03 13:40:39
positives
4 / 56
detected as
Bkav
HW32.Packed.9164
Rising
PE:Malware.XPACK-HIE/Heur!1.9C48
Tencent
Win32.Trojan.Inject.Auto
Qihoo-360
HEUR/QVM20.1.Malware.Gen
not detected by:
MicroWorld-eScan, nProtect, CAT-QuickHeal, ALYac, Malwarebytes, Zillya, AegisLab, TheHacker, BitDefender, K7GW, K7AntiVirus, NANO-Antivirus, F-Prot, Symantec, ESET-NOD32, TrendMicro-HouseCall, Avast, ClamAV, Kaspersky, Alibaba, Agnitum, ViRobot, ByteHero, Ad-Aware, Sophos, Comodo, F-Secure, DrWeb, VIPRE, TrendMicro, McAfee-GW-Edition, Emsisoft, Cyren, Jiangmin, Avira, Fortinet, Antiy-AVL, Kingsoft, Arcabit, SUPERAntiSpyware, AhnLab-V3, Microsoft, TotalDefense, McAfee, AVware, VBA32, Panda, Zoner, Ikarus, GData, AVG, Baidu-International
delivery sites: