upatre | 444f8a0f7f579bd80e89a546cdfb8dd3dd1a1b280ddde5c01165cba55d7575b5 | Triage

Sharing

General

Target

444f8a0f7f579bd80e89a546cdfb8dd3dd1a1b280ddde5c01165cba55d7575b5
Size

43KB
Sample

220707-yd1hmshcfr
MD5

aa9eb138d6dbfde3ebdcfa12e7091fd9
SHA1

53234d0169170feaa9347b0dbbd4a6fff2addec4
SHA256

444f8a0f7f579bd80e89a546cdfb8dd3dd1a1b280ddde5c01165cba55d7575b5
SHA512

339aee202640fc4851e443c58f3d825a9022bf96f343d4f52c92722a7bcb7c07726a532dd1977fb7c59976d1554752ea4cff6b184c88f19a27d89248d03bf741

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  444f8a0f7f579bd80e89a546cdfb8dd3dd1a1b280ddde5c01165cba55d7575b5
- Size
  
  43KB
- MD5
  
  aa9eb138d6dbfde3ebdcfa12e7091fd9
- SHA1
  
  53234d0169170feaa9347b0dbbd4a6fff2addec4
- SHA256
  
  444f8a0f7f579bd80e89a546cdfb8dd3dd1a1b280ddde5c01165cba55d7575b5
- SHA512
  
  339aee202640fc4851e443c58f3d825a9022bf96f343d4f52c92722a7bcb7c07726a532dd1977fb7c59976d1554752ea4cff6b184c88f19a27d89248d03bf741
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader