Collection of Upatre Samples (alpha version)

Config File for 721c2e303205d898807057de049f53c5

md5: 721c2e303205d898807057de049f53c5
source: malwr
link: https://malwr.com/analysis/ZjZlZTUwYjI4ZGY5NGJhY2FlMWIxYjk0NTc3NjdlMTE/
malware_name: ozzinstall.exe
temp_file: logE753.txt
scandate: 2015-09-11 12:30:03
parsed: 2015-09-12 06:11:16
decrypt_keys: 180d7a46
check_keys: 585223ba
c2_server: 91.211.17.201
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 27
nr_delivery_sites: 26
nr_delivery_sites_online: 0
nr_payloads: 0
ksa:
pdir: TDK12
delivered payloads:
no payloads delivered when checked
delivery sites: