Collection of Upatre Samples (alpha version)

Config File for c3895e7fe5a882b09fdcf86b163cb0b8

md5: c3895e7fe5a882b09fdcf86b163cb0b8
source: malwr
link: https://malwr.com/analysis/ZDA0YzI5NGE2OGZjNGRhZGFlNDQxOGVhMTY4MWM3ZWQ/
malware_name: homeupd.exe
temp_file: AUX7033.tmp
scandate: 2015-02-19 08:23:08
parsed: 2015-06-28 15:10:56
decrypt_keys: 3eabc505
check_keys: 443dc108
c2_server: 31.43.236.251
baseport: 9587
useragent: Mazilla/5.0
payload_format: reg
old: 0
clientip: checkip.dyndns.org
nr_targets: 3
nr_delivery_sites: 2
nr_delivery_sites_online: 1
nr_payloads: 1
ksa: inc
pdir: 1902us21
delivered payloads:
1: f0ff823b1c0152be4cce55ff87590d18
downloaded: 2015-06-28 15:10:56
scanned (on VT): 2015-06-28 13:27:03
positives: 34 / 56
detected as:
MicroWorld-eScan: Gen:Trojan.Heur.EuW@InHM6Sgi
CAT-QuickHeal: Backdoor.NetWiredRC.B4
Malwarebytes: Spyware.Dyre
K7AntiVirus: Trojan ( 004b4db91 )
K7GW: Trojan ( 004b4db91 )
Agnitum: Trojan.Staser!
F-Prot: W32/Heuristic-KPP!Eldorado
Symantec: Downloader.Upatre!gm
ESET-NOD32: Win32/TrojanDropper.Agent.QYR
TrendMicro-HouseCall: TROJ_UPATRE.SMC1
Avast: Win64:GenMalicious-CM [Trj]
GData: Gen:Trojan.Heur.EuW@InHM6Sgi
Kaspersky: Trojan.Win32.Staser.bazw
BitDefender: Gen:Trojan.Heur.EuW@InHM6Sgi
NANO-Antivirus: Trojan.Win32.Staser.dojrua
Ad-Aware: Gen:Trojan.Heur.EuW@InHM6Sgi
Emsisoft: Gen:Trojan.Heur.EuW@InHM6Sgi (B)
Comodo: TrojWare.Win32.PWS.Dyzap.MY
F-Secure: Gen:Trojan.Heur.EuW@InHM6Sgi
DrWeb: Trojan.Dyre.43
VIPRE: Trojan.Win32.Encpk.agsb (v)
TrendMicro: TROJ_SPNV.01BK15
Sophos: Mal/Upatre-R
Cyren: W32/Heuristic-KPP!Eldorado
Avira: TR/Crypt.EPACK.21152
Arcabit: Trojan.Heur.EC34CF
AhnLab-V3: Trojan/Win32.Dyzap
Microsoft: PWS:Win32/Dyzap.M
ByteHero: Virus.Win32.Part.a
AVware: Trojan.Win32.Encpk.agsb (v)
VBA32: Trojan.Staser
Ikarus: Trojan.Win32.Battdil
AVG: Crypt3.CERH
Panda: Trj/Genetic.gen
not detected by:
Bkav, TotalDefense, nProtect, McAfee, Zillya, Alibaba, TheHacker, ClamAV, ViRobot, AegisLab, Tencent, McAfee-GW-Edition, Jiangmin, Antiy-AVL, Kingsoft, SUPERAntiSpyware, ALYac, Baidu-International, Zoner, Rising, Fortinet, Qihoo-360
delivery sites:
1: https://geothermole.com/mandoc/gb_eule.pdf
2: https://tamax.de/mandoc/gb_eule.pdf