upatre | 80894e54a1a13670bf8a19b0ea4f98e41b51df0d259abf23995558395d0b52d3 | Triage

Sharing

General

Target

80894e54a1a13670bf8a19b0ea4f98e41b51df0d259abf23995558395d0b52d3
Size

38KB
Sample

221023-gqbavagggq
MD5

0719aed0dcdabcd37746c760da66e297
SHA1

450b0dd62138b3fad100ce2bf0db9a6172f5c83f
SHA256

80894e54a1a13670bf8a19b0ea4f98e41b51df0d259abf23995558395d0b52d3
SHA512

92e1631aa9b9eb11b43724eb0144af37169e78a9075a597cf5856e0891d3c0213760c8b85eb5028b99b6daa115ab5ab7d75c2161015eaa3cc8d41ffe4de848c0
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5mw+s:GY9jw/dUT62rGdiUOWWrNmf

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  80894e54a1a13670bf8a19b0ea4f98e41b51df0d259abf23995558395d0b52d3
- Size
  
  38KB
- MD5
  
  0719aed0dcdabcd37746c760da66e297
- SHA1
  
  450b0dd62138b3fad100ce2bf0db9a6172f5c83f
- SHA256
  
  80894e54a1a13670bf8a19b0ea4f98e41b51df0d259abf23995558395d0b52d3
- SHA512
  
  92e1631aa9b9eb11b43724eb0144af37169e78a9075a597cf5856e0891d3c0213760c8b85eb5028b99b6daa115ab5ab7d75c2161015eaa3cc8d41ffe4de848c0
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5mw+s:GY9jw/dUT62rGdiUOWWrNmf
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader