Collection of Upatre Samples (alpha version)

Config File for 4e982e2d8f02cd8cc7b252ac0c8c7ca5

md5: 4e982e2d8f02cd8cc7b252ac0c8c7ca5
source: malwr
link: https://malwr.com/analysis/Yjg4MzIyYTI2Yjk5NDc1Mjk3Njc5N2M4NDdiMTdkODk/
malware_name: verdosi.exe
temp_file:
scandate: 2015-07-08 16:48:59
parsed: 2015-07-09 11:42:31
decrypt_keys: 5b1e7328
check_keys:
c2_server: 38.65.142.12
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
payload_format: sim
old: 0
clientip: icanhazip.com
nr_targets: 51
nr_delivery_sites: 50
nr_delivery_sites_online: 47
nr_payloads: 1
ksa: dec
pdir: AN11
delivered payloads:
1. 95f8ee0f5b53aacdaf81b8b032299578
   downloaded: 2015-07-09 11:42:31
   scanned (on VT): 2015-07-09 08:28:24
   positives: 4 / 56
   detected as:
     Bkav: HW32.Packed.F149
     Kaspersky: UDS:DangerousObject.Multi.Generic
     Avira: TR/Rogue.aiogjb
     Rising: PE:Malware.XPACK-HIE/Heur!1.9C48
   not detected by: TotalDefense, MicroWorld-eScan, nProtect, CAT-QuickHeal, McAfee, Malwarebytes, VIPRE, SUPERAntiSpyware, TheHacker, Alibaba, K7GW, K7AntiVirus, Agnitum, F-Prot, Symantec, ESET-NOD32, TrendMicro-HouseCall, Avast, ClamAV, GData, BitDefender, NANO-Antivirus, ViRobot, Tencent, Ad-Aware, Emsisoft, Comodo, F-Secure, DrWeb, Zillya, TrendMicro, McAfee-GW-Edition, Sophos, Cyren, Jiangmin, Antiy-AVL, Kingsoft, Arcabit, AegisLab, AhnLab-V3, Microsoft, ByteHero, ALYac, AVware, VBA32, Baidu-International, Zoner, Ikarus, Fortinet, AVG, Panda, Qihoo-360
delivery sites: