upatre | 7927df47c0c78ba6770caaf8ef282c6d2f6ccbb57aba77886c2bcad56a5e6082 | Triage

Sharing

General

Target

virussign.com_1da5c915374dcdb32adeaa4d0fc61770
Size

32KB
Sample

220715-rwaavabcf3
MD5

1da5c915374dcdb32adeaa4d0fc61770
SHA1

fb8f9d14cb4b763b988060014f3779ead3cdf488
SHA256

7927df47c0c78ba6770caaf8ef282c6d2f6ccbb57aba77886c2bcad56a5e6082
SHA512

c6de5e7db7b04ca4349f12e6b51ec72bc46bbfb9741fb50eea13e97861051c3f4d293ba9b40ac2bb465cd5f6e741c124bb8fa3127874d655494652d68ea66020

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  virussign.com_1da5c915374dcdb32adeaa4d0fc61770
- Size
  
  32KB
- MD5
  
  1da5c915374dcdb32adeaa4d0fc61770
- SHA1
  
  fb8f9d14cb4b763b988060014f3779ead3cdf488
- SHA256
  
  7927df47c0c78ba6770caaf8ef282c6d2f6ccbb57aba77886c2bcad56a5e6082
- SHA512
  
  c6de5e7db7b04ca4349f12e6b51ec72bc46bbfb9741fb50eea13e97861051c3f4d293ba9b40ac2bb465cd5f6e741c124bb8fa3127874d655494652d68ea66020
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader