General

  • Target

    b2c068efce2f4cdcc15263f48d1cb353c605b571d944cb78560d069c4ea3ed96

  • Size

    35KB

  • Sample

    220309-f7f2zsggan

  • MD5

    01a6747288c06724ec9d3bde416ec009

  • SHA1

    b10f2049c59ec194444e1248d2fc356b0a68f0bb

  • SHA256

    b2c068efce2f4cdcc15263f48d1cb353c605b571d944cb78560d069c4ea3ed96

  • SHA512

    2935405634c6075558abcb129d96a03615f8ff800dc7d2407d85cc8a6455ad6c4fa877c0e6fab7bad83109a434037392a265156c3fd0ded0143044cfdd7573cd

Score
10/10

Malware Config

Targets

    • Target

      b2c068efce2f4cdcc15263f48d1cb353c605b571d944cb78560d069c4ea3ed96

    • Size

      35KB

    • MD5

      01a6747288c06724ec9d3bde416ec009

    • SHA1

      b10f2049c59ec194444e1248d2fc356b0a68f0bb

    • SHA256

      b2c068efce2f4cdcc15263f48d1cb353c605b571d944cb78560d069c4ea3ed96

    • SHA512

      2935405634c6075558abcb129d96a03615f8ff800dc7d2407d85cc8a6455ad6c4fa877c0e6fab7bad83109a434037392a265156c3fd0ded0143044cfdd7573cd

    Score
    10/10
    • Upatre

      Upatre is a generic malware downloader.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Tasks