Collection of Upatre Samples (alpha version)

Config File for e610e0b20ad7b1255de9ff659024c2c3

md5: e610e0b20ad7b1255de9ff659024c2c3
source: virusshare
link: download.4n6?sample=f9046c5fbdddee04dd8fbf6e187a630b88a961243b20933afcb0e36091847d59
malware_name: zbhnd.exe
temp_file:
scandate: 0000-00-00 00:00:00
parsed: 2015-07-09 15:41:16
decrypt_keys: 7cc66a17
check_keys:
c2_server: 95.141.37.158
baseport: 9587
useragent: Firefox
payload_format: sim
old: 0
clientip:
nr_targets: 2
nr_delivery_sites: 2
nr_delivery_sites_online: 1
nr_payloads: 1
ksa:
inc:
pdir: 0809uk1
delivered payloads:
1. 187753caf43db87d7c49e2a0ce27f7f6
   downloaded: 2015-07-09 15:41:16
   scanned (on VT): 2015-07-09 13:41:35
   positives: 29 / 56
   detected as:
     MicroWorld-eScan: Gen:Variant.Dyreza.4
     CAT-QuickHeal: Ransom.Crowti.A4
     ALYac: Gen:Variant.Dyreza.4
     VIPRE: Trojan.Win32.Kryptik.cns (v)
     K7GW: Trojan ( 004a94fb1 )
     K7AntiVirus: Trojan ( 004a94fb1 )
     F-Prot: W32/Backdoor2.HWGK
     ESET-NOD32: Win32/Battdil.E
     Avast: Win32:Agent-AUDV [Trj]
     GData: Gen:Variant.Dyreza.4
     Kaspersky: HEUR:Trojan.Win32.Generic
     BitDefender: Gen:Variant.Dyreza.4
     NANO-Antivirus: Riskware.Win32.ArchSMS.devlnv
     Ad-Aware: Gen:Variant.Dyreza.4
     Emsisoft: Gen:Variant.Dyreza.4 (B)
     F-Secure: Gen:Variant.Dyreza.4
     DrWeb: Trojan.Dyre.5
     Zillya: Trojan.ArchSMS.Win32.25807
     McAfee-GW-Edition: Downloader-FSH!2B8CD80BB6A4
     Sophos: Troj/Agent-AITI
     Cyren: W32/Backdoor.JNPW-0664
     Antiy-AVL: HackTool[Hoax]/Win32.ArchSMS
     Arcabit: Trojan.Dyreza.4
     AhnLab-V3: Trojan/Win32.Zbot
     McAfee: Downloader-FSH
     AVware: Trojan.Win32.Kryptik.cns (v)
     Fortinet: W32/Kryptik.CMRA!tr
     AVG: SHeur4.CBRF
     Panda: Trj/Agent.JIQ
   not detected by: Bkav, TotalDefense, nProtect, Malwarebytes, SUPERAntiSpyware, TheHacker, Alibaba, Agnitum, Symantec, TrendMicro-HouseCall, ClamAV, ViRobot, Tencent, Comodo, TrendMicro, Jiangmin, Avira, Kingsoft, AegisLab, Microsoft, ByteHero, VBA32, Baidu-International, Zoner, Rising, Ikarus, Qihoo-360
delivery sites:
1. https://bullethood.com/ProfilePics/0809uk1.zip
2. https://peaksms.com/imagesold/0809uk1.zip
187753caf43db87d7c49e2a0ce27f7f6