Collection of Upatre Samples ( alpha version)

Overview

Overview of the collected samples.

Statistics

Distribution of selected config values.

IOCs

Network IOCs for the C2 servers and payload delivery sites.

Payloads

MD5 sums of the (decrypted) payloads.

Config File for f5d98681775ba93d5cd9a8df0df15078

md5
f5d98681775ba93d5cd9a8df0df15078
source
virusshare
link
download.4n6?sample=89f328f73c4706174bfe3b2f0ba7b92fc1aa08042aeb5a5e3c81961924ad901e
malware_name
realviewer.exe
temp_file
datC4DF.tmp
scandate
0000-00-00 00:00:00
parsed
2015-06-29 00:36:45
decrypt_keys
71b90c97
check_keys
1c8d0f3f
c2_server
141.105.141.87
baseport
9587
useragent
Mazilla/5.0
payload_format
reg
old
1
clientip
checkip.dyndns.org
nr_targets
3
nr_delivery_sites
2
nr_delivery_sites_online
0
nr_payloads
0
ksa
pdir
0904uk14
delivered payloads:
no payloads delivered when checked
delivery sites:
1
http://hatova.com/img/pic14.png
2
http://hardtmason.com/images/pic14.png