Collection of Upatre Samples (alpha version)

Config File for bbbfcdf496ab14293f8a61e61fdece18

md5: bbbfcdf496ab14293f8a61e61fdece18
source: malwr
link: https://malwr.com/analysis/YzYyZjc0ZjQ2ZDg1NDIzN2E2NDlmODMwNmYzZDJhYmQ/
malware_name: prityviewer.exe
temp_file: PRTY8D97.txt
scandate: 2015-05-03 23:37:20
parsed: 2015-06-24 22:38:32
decrypt_keys: 3d08407a
check_keys: 778c857f
c2_server: 91.211.17.201
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 12
nr_delivery_sites: 11
nr_delivery_sites_online: 0
nr_payloads: 0
ksa:
pdir: WSB22
delivered payloads:
no payloads delivered when checked
delivery sites: