Collection of Upatre Samples (alpha version)

Config File for be0c0b5e0460e818e94bc8fd3dca1f76

md5:                       be0c0b5e0460e818e94bc8fd3dca1f76
source:                    malwr
link:                      https://malwr.com/analysis/ODUxZTg3Y2NiYzIyNGI1MGE1NGQ5MGY5M2EwNzc2ZDQ/
malware_name:              Mivinad.exe
temp_file:                 Mivi-738.log
scandate:                  2015-06-10 12:55:57
parsed:                    2015-06-24 09:58:34
decrypt_keys:              3e51cf28
check_keys:                74090789
c2_server:                 188.120.194.101
baseport:                  13920
useragent:                 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/538.37 (KHTML, like Gecko) Chrome/44.0.2457.82 Safari/538.37
payload_format:            reg
old:                       0
clientip:                  icanhazip.com
nr_targets:                20
nr_delivery_sites:         19
nr_delivery_sites_online:  7
nr_payloads:               1
ksa:                       rol
pdir:                      AMG11
delivered payloads:

1. b8ebaa48ad8e4cc1a629faa33ca5df4c
   downloaded:        2015-06-24 09:58:34
   scanned (on VT):   2015-06-18 04:26:34
   positives:         38 / 57
   detected as:
   MicroWorld-eScan        Gen:Variant.Dyzap.16
   CAT-QuickHeal           Backdoor.NetWiredRC.B4
   ALYac                   Gen:Variant.Dyzap.16
   Malwarebytes            Spyware.Dyre
   Zillya                  Trojan.Dyre.Win32.133
   BitDefender             Gen:Variant.Dyzap.16
   K7GW                    Trojan ( 004c523f1 )
   K7AntiVirus             Trojan ( 004c523f1 )
   NANO-Antivirus          Trojan.Win32.Dyre.dstxxg
   F-Prot                  W32/Dropper.gen8!Maximus
   Symantec                WS.Reputation.1
   ESET-NOD32              Win32/TrojanDropper.Sikutan.C
   TrendMicro-HouseCall    TSPY_DYRE.SLD
   Avast                   Win64:Malware-gen
   Kaspersky               Trojan-Banker.Win32.Dyre.oe
   ByteHero                Virus.Win32.Part.c
   Ad-Aware                Gen:Variant.Dyzap.16
   Sophos                  Mal/Wonton-BD
   Comodo                  TrojWare.Win32.PWS.Dyzap.MY
   F-Secure                Gen:Variant.Dyzap.16
   DrWeb                   DLOADER.Trojan
   VIPRE                   BehavesLike.Win32.Malware.bsf (vs)
   TrendMicro              TSPY_DYRE.SLD
   McAfee-GW-Edition       BehavesLike.Win32.CryptDoma.jc
   Emsisoft                Gen:Variant.Dyzap.16 (B)
   Cyren                   W64/Trojan.EOPK-2648
   Avira                   W32/Etap
   Arcabit                 Trojan.Dyzap.16
   AhnLab-V3               Trojan/Win32.Battdil
   Microsoft               PWS:Win32/Dyzap
   AVware                  BehavesLike.Win32.Malware.bsf (vs)
   VBA32                   suspected of Trojan.Downloader.gen.h
   Panda                   Trj/Genetic.gen
   Ikarus                  Trojan.Win32.Battdil
   GData                   Gen:Variant.Dyzap.16
   AVG                     Generic_r.FEN
   Baidu-International     Trojan.Win32.Banker.oe
   Qihoo-360               Win32/Trojan.c2d
   not detected by:
   Bkav, nProtect, CMC, AegisLab, TheHacker, ClamAV, Alibaba, Agnitum, ViRobot, Rising, Jiangmin, Fortinet, Antiy-AVL, Kingsoft, SUPERAntiSpyware, TotalDefense, McAfee, Zoner, Tencent
delivery sites (with md5 of the payload delivered, where one was obtained):

 1. https://78.32.124.231/j11.zip
 2. https://76.105.248.137/j11.zip    b8ebaa48ad8e4cc1a629faa33ca5df4c
 3. https://75.132.173.27/j11.zip
 4. https://76.84.81.120/j11.zip      b8ebaa48ad8e4cc1a629faa33ca5df4c
 5. https://76.28.92.4/j11.zip
 6. https://65.74.106.143/j11.zip
 7. https://66.191.25.136/j11.zip
 8. https://98.222.64.184/j11.zip
 9. https://69.144.171.44/j11.zip
10. https://65.33.236.173/j11.zip
11. https://66.227.223.219/j11.zip
12. https://96.37.204.12/j11.zip
13. https://66.196.63.33/j11.zip      b8ebaa48ad8e4cc1a629faa33ca5df4c
14. https://69.142.124.76/j11.zip
15. https://216.16.93.250/j11.zip     b8ebaa48ad8e4cc1a629faa33ca5df4c
16. https://24.19.25.40/j11.zip
17. https://98.246.210.27/j11.zip     b8ebaa48ad8e4cc1a629faa33ca5df4c
18. https://66.196.61.218/j11.zip     b8ebaa48ad8e4cc1a629faa33ca5df4c
19. https://71.99.130.24/j11.zip      b8ebaa48ad8e4cc1a629faa33ca5df4c