Overview

overview

10

Static

static

c968285b56...27.exe

windows7_x64

10

c968285b56...27.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c968285b5681444861ce8eb8ff710ff92ff951920f54c268f0b5832b7644b827

  • Size

    32KB

  • Sample

    220219-xxtzjacbh7

  • MD5

    fb6a1f9c663218d105802bd68a6c7528

  • SHA1

    c82db330f125cfec884b6a334225dc74b76b2a19

  • SHA256

    c968285b5681444861ce8eb8ff710ff92ff951920f54c268f0b5832b7644b827

  • SHA512

    d6ccde34457861907f996d687636286ea37636d88a94e6cd91e8e09ceb2d69c17258bb7148d6051dcba101606543e9d21a49ad849815507f11caa83629795f12

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      c968285b5681444861ce8eb8ff710ff92ff951920f54c268f0b5832b7644b827

    • Size

      32KB

    • MD5

      fb6a1f9c663218d105802bd68a6c7528

    • SHA1

      c82db330f125cfec884b6a334225dc74b76b2a19

    • SHA256

      c968285b5681444861ce8eb8ff710ff92ff951920f54c268f0b5832b7644b827

    • SHA512

      d6ccde34457861907f996d687636286ea37636d88a94e6cd91e8e09ceb2d69c17258bb7148d6051dcba101606543e9d21a49ad849815507f11caa83629795f12

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks