Collection of Upatre Samples ( alpha version)

Config File for 7c9b81336595d04b6dc241f7175f5250

md5
7c9b81336595d04b6dc241f7175f5250
source
virusshare
link
download.4n6?sample=2115c9ba6eff38270776845526aaec78f3aabc86dc29b8699c42491c2efdd404
malware_name
Zucopsp.exe
temp_file
~PSP60DC.tmp
scandate
2015-06-30 23:43:06
parsed
2015-10-06 09:34:23
decrypt_keys
10be997b
check_keys
ee28c013
c2_server
188.120.194.101
baseport
13920
useragent
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36
payload_format
reg
old
0
clientip
icanhazip.com
nr_targets
16
nr_delivery_sites
15
nr_delivery_sites_online
0
nr_payloads
0
ksa
pdir
SATU12
delivered payloads:
no payloads delivered when checked
delivery sites:
1
https://178.214.221.89/status12.pdf
2
https://37.57.144.177/status12.pdf
3
https://173.248.22.227/status12.pdf
4
https://173.248.31.1/status12.pdf
5
https://173.248.31.6/status12.pdf
6
https://173.248.16.79/status12.pdf
7
https://24.240.107.12/status12.pdf
8
https://188.255.236.2/status12.pdf
9
https://188.255.167.4/status12.pdf
10
https://188.255.175.213/status12.pdf
11
https://173.248.27.163/status12.pdf
12
https://173.243.255.79/status12.pdf
13
https://69.9.204.114/status12.pdf
14
https://73.175.203.173/status12.pdf
15
https://188.255.239.34/status12.pdf