upatre | 4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf | Triage

Sharing

General

Target

4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
Size

7KB
Sample

221018-y4lr6sdef6
MD5

34c2cb4e8654afbbb5aa16a7440da550
SHA1

58afaf585e7da7840df9385009c2512b15a1dc6c
SHA256

4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
SHA512

5df2544e55cd99dd4a85ab46d6fdfee4c5b5c33c502ea77ae0656f33035664fc659e4d25915cf7ed7419fe3b18f15abe4fb926349f67e3e959feec62c2701a9e
SSDEEP

96:Z0v4mUWKh9ctgC1Re/YnKymV44ShFa8cfD+mGICK7vCaGR++DH5weYvDrJGR0DwX:9mUWKs/hnKfzShF6SQvXIHgbrWWwX

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
- Size
  
  7KB
- MD5
  
  34c2cb4e8654afbbb5aa16a7440da550
- SHA1
  
  58afaf585e7da7840df9385009c2512b15a1dc6c
- SHA256
  
  4e39a22482c45bce5f3c5bea56014534358f6780ed4fedb979a121fc667ae4bf
- SHA512
  
  5df2544e55cd99dd4a85ab46d6fdfee4c5b5c33c502ea77ae0656f33035664fc659e4d25915cf7ed7419fe3b18f15abe4fb926349f67e3e959feec62c2701a9e
- SSDEEP
  
  96:Z0v4mUWKh9ctgC1Re/YnKymV44ShFa8cfD+mGICK7vCaGR++DH5weYvDrJGR0DwX:9mUWKs/hnKfzShF6SQvXIHgbrWWwX
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader