Overview

overview

10

Static

static

7f6cda2e10...66.exe

windows7_x64

10

7f6cda2e10...66.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7f6cda2e1094d7a23335de71c9aef0d3adf5fb2a82c50defc31b9cb9b277ab66

  • Size

    62KB

  • Sample

    220219-yvnkeadffk

  • MD5

    01469677d34a1584b601265f59f4c62d

  • SHA1

    9f5b182fb79ffb722dc05c931c839d1301ac2a17

  • SHA256

    7f6cda2e1094d7a23335de71c9aef0d3adf5fb2a82c50defc31b9cb9b277ab66

  • SHA512

    74d6de17f401319fc5c47d93864c6553f5a3cc461188fd80237b9a784714738c1ee8432b0f287c41f8299f09621c8fec33bdbc3b85517abb0292f518bbc63bb3

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      7f6cda2e1094d7a23335de71c9aef0d3adf5fb2a82c50defc31b9cb9b277ab66

    • Size

      62KB

    • MD5

      01469677d34a1584b601265f59f4c62d

    • SHA1

      9f5b182fb79ffb722dc05c931c839d1301ac2a17

    • SHA256

      7f6cda2e1094d7a23335de71c9aef0d3adf5fb2a82c50defc31b9cb9b277ab66

    • SHA512

      74d6de17f401319fc5c47d93864c6553f5a3cc461188fd80237b9a784714738c1ee8432b0f287c41f8299f09621c8fec33bdbc3b85517abb0292f518bbc63bb3

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks