Collection of Upatre Samples (alpha version)

Config File for b87489f0f59388998c97078e159628d0

md5: b87489f0f59388998c97078e159628d0
source: virusshare
link: download.4n6?sample=7045789f38f74ae5d7217a52395abe4ee877c9b16e3260bfb083c0dbe7c64fcd
malware_name: loduace.exe
temp_file: Lod59D2.tmp
scandate: 2015-07-09 12:07:25
parsed: 2015-10-06 17:55:03
decrypt_keys: 1c6b5537
check_keys: 1ce5060f
c2_server: 188.120.194.101
baseport: 13920
useragent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.36 (KHTML, like Gecko) Chrome/42.0.2357.81 Safari/536.36
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 16
nr_delivery_sites: 15
nr_delivery_sites_online: 0
nr_payloads: 0
ksa
pdir
sika2
delivered payloads:
no payloads delivered when checked
delivery sites: