upatre | 4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf | Triage

Sharing

General

Target

4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
Size

7KB
Sample

221018-y4lr6sdef6
MD5

34c2cb4e8654afbbb5aa16a7440da550
SHA1

58afaf585e7da7840df9385009c2512b15a1dc6c
SHA256

4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
SHA512

5df2544e55cd99dd4a85ab46d6fdfee4c5b5c33c502ea77ae0656f33035664fc659e4d25915cf7ed7419fe3b18f15abe4fb926349f67e3e959feec62c2701a9e
SSDEEP

96:Z0v4mUWKh9ctgC1Re/YnKymV44ShFa8cfD+mGICK7vCaGR++DH5weYvDrJGR0DwX:9mUWKs/hnKfzShF6SQvXIHgbrWWwX

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
- Size
  
  7KB
- MD5
  
  34c2cb4e8654afbbb5aa16a7440da550
- SHA1
  
  58afaf585e7da7840df9385009c2512b15a1dc6c
- SHA256
  
  4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
- SHA512
  
  5df2544e55cd99dd4a85ab46d6fdfee4c5b5c33c502ea77ae0656f33035664fc659e4d25915cf7ed7419fe3b18f15abe4fb926349f67e3e959feec62c2701a9e
- SSDEEP
  
  96:Z0v4mUWKh9ctgC1Re/YnKymV44ShFa8cfD+mGICK7vCaGR++DH5weYvDrJGR0DwX:9mUWKs/hnKfzShF6SQvXIHgbrWWwX
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader