Collection of Upatre Samples (alpha version)

Config File for fce100db0d58d1f77f5efa6d1823dc90

md5: fce100db0d58d1f77f5efa6d1823dc90
source: virusshare
link: download.4n6?sample=cb32c91a86b323b3fd0400f7fbfaf5bebfe2446c32f607d1bf08d6cecb29f8a6
malware_name: zaxosoft.exe
temp_file: ZaxoA465.tmp
scandate: 2015-08-18 08:41:31
parsed: 2015-11-17 22:18:07
decrypt_keys: 1c6b5537
check_keys: 1ce5060f
c2_server: 188.120.194.101
baseport: 9587
useragent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.36 (KHTML, like Gecko) Chrome/42.0.2357.81 Safari/536.36
payload_format: reg
old: 0
clientip: icanhazip.com
nr_targets: 16
nr_delivery_sites: 15
nr_delivery_sites_online: 0
nr_payloads: 0
ksa:
pdir: NIKI12
delivered payloads:
no payloads delivered when checked
delivery sites: