Collection of Upatre Samples (alpha version)

Config File for 617fbda4f529996ab2419fef30daf240

md5: 617fbda4f529996ab2419fef30daf240
source: malwr
link: https://malwr.com/analysis/ZmYzODVlYjE2NWU2NDAyZmI1MzM5ZDIyYWE2ZmM1NWE/
malware_name: zvionxina.exe
temp_file:
scandate: 2015-07-21 18:47:59
parsed: 2015-07-22 16:16:07
decrypt_keys: 76281d42
check_keys:
c2_server: 93.185.4.90
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.36 (KHTML, like Gecko) Chrome/44.0.2455.81 Safari/535.36
payload_format: sim
old: 0
clientip: checkip.dyndns.org
nr_targets: 51
nr_delivery_sites: 50
nr_delivery_sites_online: 46
nr_payloads: 1
ksa: dec
pdir: PKP1
delivered payloads:
1: 40d606bb0b69b60a74ef5fce2598b70f
downloaded: 2015-07-22 16:07:03
scanned (on VT): 2015-07-22 14:06:50
positives: 14 / 56
detected as:
MicroWorld-eScan: Gen:Variant.Kazy.686583
K7AntiVirus: Trojan ( 004b01b41 )
K7GW: Trojan ( 004b01b41 )
ESET-NOD32: Win32/Battdil.J
GData: Gen:Variant.Kazy.686583
Kaspersky: Trojan.Win32.Agent.ifvg
BitDefender: Gen:Variant.Kazy.686583
Ad-Aware: Gen:Variant.Kazy.686583
Emsisoft: Gen:Variant.Kazy.686583 (B)
F-Secure: Gen:Variant.Kazy.686583
Arcabit: Trojan.Kazy.DA79F7
AhnLab-V3: Trojan/Win32.Dyre
ByteHero: Trojan.Malware.Obscu.Gen.002
ALYac: Gen:Variant.Kazy.686583
not detected by:
Bkav, TotalDefense, nProtect, CAT-QuickHeal, McAfee, Malwarebytes, VIPRE, SUPERAntiSpyware, Alibaba, TheHacker, NANO-Antivirus, F-Prot, Symantec, TrendMicro-HouseCall, Avast, ClamAV, Agnitum, ViRobot, Tencent, Comodo, DrWeb, Zillya, TrendMicro, McAfee-GW-Edition, Sophos, Cyren, Jiangmin, Avira, Antiy-AVL, Kingsoft, AegisLab, Microsoft, AVware, VBA32, Baidu-International, Zoner, Rising, Ikarus, Fortinet, AVG, Panda, Qihoo-360
delivery sites: