upatre | ab0ab9568083056cdd54ca4d46c53bc9e309eebe3e19222b59989af43d4be31f | Triage

Sharing

General

Target

ab0ab9568083056cdd54ca4d46c53bc9e309eebe3e19222b59989af43d4be31f
Size

8KB
Sample

221017-z1gvgsdcb4
MD5

bf84c88e9799da266f64b145ed624a96
SHA1

944f58671ff9da706129e2009723340ba266136e
SHA256

ab0ab9568083056cdd54ca4d46c53bc9e309eebe3e19222b59989af43d4be31f
SHA512

13fb049097550b722d58445f8c29cff5da6f5765e469ffe84db78ba094f8bca595537cd53d21b118633f272b6b4bb80a9ac7aef163c396b23d0f12b0ffc54899
SSDEEP

192:9mUWKs/nLnKfzSh2U95Qd96rD5IuEvI4fcii:6K+zKfzQz9v5jGnch

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  ab0ab9568083056cdd54ca4d46c53bc9e309eebe3e19222b59989af43d4be31f
- Size
  
  8KB
- MD5
  
  bf84c88e9799da266f64b145ed624a96
- SHA1
  
  944f58671ff9da706129e2009723340ba266136e
- SHA256
  
  ab0ab9568083056cdd54ca4d46c53bc9e309eebe3e19222b59989af43d4be31f
- SHA512
  
  13fb049097550b722d58445f8c29cff5da6f5765e469ffe84db78ba094f8bca595537cd53d21b118633f272b6b4bb80a9ac7aef163c396b23d0f12b0ffc54899
- SSDEEP
  
  192:9mUWKs/nLnKfzSh2U95Qd96rD5IuEvI4fcii:6K+zKfzQz9v5jGnch
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader