Collection of Upatre Samples (alpha version)

Config File for 4d9d9d6b86c3a30de06ba73ec7a11b28

md5: 4d9d9d6b86c3a30de06ba73ec7a11b28
source: malwr
link: https://malwr.com/analysis/ZmU5ZTZhMTU3OWZjNGVmYWIwOGFiY2JjY2RlYTQzOGI/
malware_name: youcanhelp.exe
temp_file: your_468D.txt
scandate: 2015-05-09 01:52:08
parsed: 2015-06-24 16:15:11
decrypt_keys: 2aae1327
check_keys: 37ad7133
c2_server: 91.211.17.201
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 17
nr_delivery_sites: 16
nr_delivery_sites_online: 0
nr_payloads: 0
ksa
pdir
TKB12
delivered payloads:
no payloads delivered when checked
delivery sites: