Collection of Upatre Samples (alpha version)

Config File for a2956e36e29110b7cde7c12e032db8c8

md5: a2956e36e29110b7cde7c12e032db8c8
source: malwr
link: https://malwr.com/analysis/OTBlODFiNTc1M2EzNDVmYzgzMTRhNzJhOThlMzg1YTI/
malware_name: sciduse.exe
temp_file: SCIDF77F.txt
scandate: 2015-05-11 11:49:31
parsed: 2015-06-26 09:59:34
decrypt_keys: 180d7a46
check_keys: 585223ba
c2_server: 91.211.17.201
baseport: 13920
useragent: Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 27
nr_delivery_sites: 26
nr_delivery_sites_online: 0
nr_payloads: 0
ksa:
pdir: TSS11
delivered payloads:
no payloads delivered when checked
delivery sites: