Overview

overview

10

Static

static

53ebba2bdf...93.exe

windows7_x64

10

53ebba2bdf...93.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53ebba2bdf2eeba274fb53c20d6c28c50d6d4de2fe4575954a7450b86eded193

  • Size

    34KB

  • Sample

    220219-zfxefachh4

  • MD5

    866ee14254b9a348ca6ff997c7e4dffd

  • SHA1

    c5036614648bfb9984d94fba24cead26e2a9d8ba

  • SHA256

    53ebba2bdf2eeba274fb53c20d6c28c50d6d4de2fe4575954a7450b86eded193

  • SHA512

    f59dae9914f43751df9c1b63b5508f7c47c5e994899c65cebd2a655bedfb323699e7af89642144dd3d50b01193d08e57f8e4b2ecb338630fe1f7e5fb6b36535d

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      53ebba2bdf2eeba274fb53c20d6c28c50d6d4de2fe4575954a7450b86eded193

    • Size

      34KB

    • MD5

      866ee14254b9a348ca6ff997c7e4dffd

    • SHA1

      c5036614648bfb9984d94fba24cead26e2a9d8ba

    • SHA256

      53ebba2bdf2eeba274fb53c20d6c28c50d6d4de2fe4575954a7450b86eded193

    • SHA512

      f59dae9914f43751df9c1b63b5508f7c47c5e994899c65cebd2a655bedfb323699e7af89642144dd3d50b01193d08e57f8e4b2ecb338630fe1f7e5fb6b36535d

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks