Overview

overview

10

Static

static

35b0c08624...c8.exe

windows7_x64

10

35b0c08624...c8.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    35b0c08624e805916b3e4488d12ba5f97a8a729d4a146c690c1b37db95ddffc8

  • Size

    130KB

  • Sample

    220626-3ddfbseeek

  • MD5

    f79e4ace3ed9cdba0481aa3959115c8d

  • SHA1

    c777373a214b38186632501ce81cd415da89f830

  • SHA256

    35b0c08624e805916b3e4488d12ba5f97a8a729d4a146c690c1b37db95ddffc8

  • SHA512

    1b2352458e42dde3cb6c126abce48c67fe6a0a39ad88032e4b0af5c630c10b77ad95d6def7a955ad24c4cace4bf79b8454b9b14905056bc6e06e2646c064c77e

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      35b0c08624e805916b3e4488d12ba5f97a8a729d4a146c690c1b37db95ddffc8

    • Size

      130KB

    • MD5

      f79e4ace3ed9cdba0481aa3959115c8d

    • SHA1

      c777373a214b38186632501ce81cd415da89f830

    • SHA256

      35b0c08624e805916b3e4488d12ba5f97a8a729d4a146c690c1b37db95ddffc8

    • SHA512

      1b2352458e42dde3cb6c126abce48c67fe6a0a39ad88032e4b0af5c630c10b77ad95d6def7a955ad24c4cace4bf79b8454b9b14905056bc6e06e2646c064c77e

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks