Collection of Upatre Samples (alpha version)

Config File for f46a6beb47c2ef76f9a36a208917b990

md5: f46a6beb47c2ef76f9a36a208917b990
source: virusshare
link: download.4n6?sample=dcbb04632fc0484bdc080ed2fe64b8eea89e8d743858f2a27de1d3aec443ed41
malware_name: filnamer.exe
temp_file: LogB5DE.tmp
scandate: 2015-07-24 17:56:00
parsed: 2015-11-18 02:10:13
decrypt_keys: 137fb05b
check_keys: 5c901c2a
c2_server: 91.211.17.201
baseport: 13920
useragent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 17
nr_delivery_sites: 16
nr_delivery_sites_online: 0
nr_payloads: 0
ksa:
pdir: SAT22
delivered payloads:
no payloads delivered when checked
delivery sites: