Collection of Upatre Samples (alpha version)

Config File for d2fde08ab3dece188de7bef3ce1d20e7

md5: d2fde08ab3dece188de7bef3ce1d20e7
source: virusshare
link: download.4n6?sample=031f1eca1e3d6c3a6c01f2ce521309cedd784bf8d4b23b1b963f54eaed625ce8
malware_name: rxgep.exe
temp_file:
scandate: 0000-00-00 00:00:00
parsed: 2015-07-09 15:59:47
decrypt_keys: 789da2cb
check_keys:
c2_server: 188.165.198.52
baseport: 9587
useragent: update
payload_format: sim
old: 0
clientip:
nr_targets: 2
nr_delivery_sites: 2
nr_delivery_sites_online: 1
nr_payloads: 1
ksa: inc
pdir: 0210out
delivered payloads:
1
md5: cb564cddee07e285a3b38948857d33e9
downloaded: 2015-07-09 15:59:47
scanned (on VT): 2015-07-09 13:59:54
positives: 29 / 56
detected as:
TotalDefense: Win32/Zbot.IPY
MicroWorld-eScan: Gen:Variant.Dyreza.4
CAT-QuickHeal: Ransom.Crowti.A4
Malwarebytes: Spyware.Zbot
Zillya: Backdoor.Androm.Win32.11939
K7AntiVirus: Trojan ( 004a97a51 )
BitDefender: Gen:Variant.Dyreza.4
K7GW: Trojan ( 004a97a51 )
NANO-Antivirus: Trojan.Win32.DownLoader11.dgdgrh
F-Prot: W32/Trojan2.OMRR
ESET-NOD32: Win32/Battdil.F
Avast: Win32:Agent-AUHD [Trj]
GData: Gen:Variant.Dyreza.4
Kaspersky: HEUR:Trojan.Win32.Generic
Ad-Aware: Gen:Variant.Dyreza.4
Emsisoft: Gen:Variant.Dyreza.4 (B)
F-Secure: Gen:Variant.Dyreza.4
VIPRE: Trojan.Win32.Battdil.f (v)
Sophos: Mal/Zbot-QL
Cyren: W32/Trojan.SYOZ-0072
Jiangmin: Backdoor/Androm.fti
Antiy-AVL: Trojan[Backdoor]/Win32.Androm
Arcabit: Trojan.Dyreza.4
AhnLab-V3: Trojan/Win32.Inject
ALYac: Gen:Variant.Dyreza.4
AVware: Trojan.Win32.Battdil.f (v)
VBA32: Backdoor.Androm
Fortinet: W32/Kryptik.CMRA!tr
AVG: SHeur4.CCSP
not detected by:
Bkav, nProtect, McAfee, SUPERAntiSpyware, TheHacker, Symantec, TrendMicro-HouseCall, ClamAV, Alibaba, Agnitum, ViRobot, Tencent, Comodo, DrWeb, TrendMicro, McAfee-GW-Edition, Avira, Kingsoft, AegisLab, Microsoft, ByteHero, Baidu-International, Zoner, Rising, Ikarus, Panda, Qihoo-360
delivery sites:
1: https://amphibiadigital.com/images/images/0210out.pdf
2: https://oispools.com/opt/0210out.pdf
cb564cddee07e285a3b38948857d33e9
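Added example, not part of the tracker or its code: a Python parser that takes the record above (transcribed into "key: value" lines, the numbered payload and delivery-site entries folded onto one line each) and turns it into checked, defanged IOCs. It validates the fields a detection engineer would key on (C2 IP literal, port range, MD5 syntax), cross-checks the tracker's own counters (nr_delivery_sites, nr_payloads) and pdir against what the record actually lists, and reports inconsistencies instead of silently emitting bad indicators. The helper names (parse_record, build_iocs, summarize, defang) are this example's own.

```python
"""Parse one Upatre tracker record into checked, defanged IOCs (added example)."""
import ipaddress
import re
from urllib.parse import urlparse

# Constructed input: the record above, transcribed into "key: value" lines.
RECORD = """\
md5: d2fde08ab3dece188de7bef3ce1d20e7
malware_name: rxgep.exe
temp_file:
decrypt_keys: 789da2cb
check_keys:
c2_server: 188.165.198.52
baseport: 9587
useragent: update
payload_format: sim
clientip:
nr_delivery_sites: 2
nr_delivery_sites_online: 1
nr_payloads: 1
pdir: 0210out
delivered payloads:
1: cb564cddee07e285a3b38948857d33e9
positives: 29 / 56
delivery sites:
1: https://amphibiadigital.com/images/images/0210out.pdf
2: https://oispools.com/opt/0210out.pdf
"""

MD5_RE = re.compile(r"^[0-9a-f]{32}$")


def parse_record(text):
    """Split the record into the config dict plus the numbered payload and site lists."""
    fields, payloads, sites = {}, [], []
    section = "config"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "delivered payloads:":
            section = "payloads"
            continue
        if line == "delivery sites:":
            section = "sites"
            continue
        key, _, value = line.partition(":")  # first colon only; URLs keep theirs
        key, value = key.strip(), value.strip()
        if section == "config" or not key.isdigit():
            fields[key] = value  # empty string when the tracker left the field blank
        elif section == "payloads":
            payloads.append(value)
        else:
            sites.append(value)
    return fields, payloads, sites


def defang(s):
    """Make an indicator safe to paste into a report."""
    return s.replace("http", "hxxp").replace(".", "[.]")


def build_iocs(fields, payloads, sites):
    """Validate the fields a detection would key on and return them defanged."""
    problems = []
    try:
        c2 = ipaddress.ip_address(fields["c2_server"])
    except ValueError:
        problems.append(f"c2_server is not an IP literal: {fields['c2_server']!r}")
        c2 = None
    port = int(fields["baseport"]) if fields.get("baseport", "").isdigit() else None
    if port is None or not 0 < port < 65536:
        problems.append(f"baseport out of range: {fields.get('baseport')!r}")
    for h in [fields["md5"], *payloads]:
        if not MD5_RE.match(h):
            problems.append(f"malformed md5: {h!r}")
    # Cross-check the tracker's own counters against what it actually lists.
    if int(fields["nr_delivery_sites"]) != len(sites):
        problems.append("nr_delivery_sites disagrees with the delivery site list")
    if int(fields["nr_payloads"]) != len(payloads):
        problems.append("nr_payloads disagrees with the delivered payload list")
    # pdir is the payload directory name; every delivery URL should reference it.
    for url in sites:
        if not urlparse(url).path.rsplit("/", 1)[-1].startswith(fields["pdir"]):
            problems.append(f"delivery URL does not match pdir {fields['pdir']!r}: {url}")
    hits, total = (int(x) for x in fields["positives"].split("/"))
    c2_str = f"{c2}:{port}" if c2 and port else None
    return {
        "dropper_md5": fields["md5"],
        "c2": c2_str,
        "c2_defanged": defang(c2_str) if c2_str else None,
        "user_agent": fields["useragent"],
        "decrypt_key": fields["decrypt_keys"],
        "payload_md5s": payloads,
        "delivery_urls": [defang(u) for u in sites],
        "vt_ratio": hits / total,
        "problems": problems,
    }


def summarize(text=RECORD):
    """Parse and validate a record in one call."""
    return build_iocs(*parse_record(text))


if __name__ == "__main__":
    for k, v in summarize().items():
        print(f"{k}: {v}")
```

The empty fields (temp_file, check_keys, clientip) are kept as empty strings rather than dropped, so a downstream consumer can distinguish "field present but blank" from "field absent"; a record whose counters do not match its lists is returned with a non-empty problems entry rather than raising, so a batch run over many records can report all the bad ones at once.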