Collection of Upatre Samples (alpha version)

Config File for de6e3757ae95f89839592359c056d4c7

md5: de6e3757ae95f89839592359c056d4c7
source: malwr
link: https://malwr.com/analysis/ZTFmMmQ0ZWQxYzdkNDY4YmIxYjIxZjIwMmMyNjk3ZDI/
malware_name: newviewer.exe
temp_file: 371Log.txt
scandate: 2015-05-19 05:45:40
parsed: 2015-06-26 00:35:46
decrypt_keys: 6d7627f6
check_keys: 134b4e0a
c2_server: 93.185.4.90
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 16
nr_delivery_sites: 15
nr_delivery_sites_online: 4
nr_payloads: 1
ksa: dec2
pdir: TIK22
delivered payloads:
1. 153d717982b5e0043064ba6d27c83648
   downloaded: 2015-06-26 00:35:46
   scanned (on VT): 2015-05-21 16:27:42
   positives: 27 / 57
   detected as:
     MicroWorld-eScan: Gen:Trojan.Heur.NuW@I5nV5yji
     McAfee: Artemis!54D66A202145
     Malwarebytes: Spyware.Dyre
     F-Prot: W32/Dropper.gen8!Maximus
     TrendMicro-HouseCall: Suspicious_GEN.F47V0519
     Avast: Win64:Evo-gen [Susp]
     Kaspersky: Trojan-Downloader.Win32.Upatre.aiaj
     BitDefender: Gen:Trojan.Heur.NuW@I5nV5yji
     Ad-Aware: Gen:Trojan.Heur.NuW@I5nV5yji
     Emsisoft: Gen:Trojan.Heur.NuW@I5nV5yji (B)
     F-Secure: Gen:Trojan.Heur.NuW@I5nV5yji
     DrWeb: DLOADER.Trojan
     VIPRE: BehavesLike.Win32.Malware.bsf (vs)
     TrendMicro: Cryp_Xin2
     McAfee-GW-Edition: BehavesLike.Win32.BadFile.jh
     Sophos: Troj/Agent-ANFY
     Cyren: W64/Trojan.NRSO-8006
     Avira: W32/Etap
     Microsoft: TrojanDropper:Win32/Evotob.C
     AhnLab-V3: Trojan/Win32.Agent
     GData: Gen:Trojan.Heur.NuW@I5nV5yji
     AVware: BehavesLike.Win32.Malware.bsf (vs)
     ESET-NOD32: Win32/Battdil.R
     Ikarus: Trojan.Win32.Crypt
     Fortinet: W32/Agent.ANFY!tr
     AVG: Crypt4.AINX.dropper
     Panda: Trj/Genetic.gen
   not detected by: Bkav, nProtect, CMC, CAT-QuickHeal, Zillya, SUPERAntiSpyware, K7AntiVirus, Alibaba, K7GW, TheHacker, NANO-Antivirus, Symantec, Norman, TotalDefense, ClamAV, Agnitum, ViRobot, Tencent, Comodo, Jiangmin, Antiy-AVL, Kingsoft, AegisLab, ByteHero, ALYac, VBA32, Baidu-International, Zoner, Rising, Qihoo-360
delivery sites: