upatre | 8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7 | Triage

Sharing

General

Target

8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
Size

31KB
Sample

221023-kafgeahdek
MD5

4c0b4f0c7c1e6d352827e744b32a9fb7
SHA1

044734d2153a2e2cb1a781533010dd432efc9082
SHA256

8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
SHA512

933e960f3e7d5d376f77783ef1394791e450ec8b2231ed5cef2289d447e3e5121dc43f3fab5ac376f5df06a501db783267387d9f7e8089bd7cd3677beecdf3bd
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9uT:GY9jw/dUT62rGdiUOWWrG

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
- Size
  
  31KB
- MD5
  
  4c0b4f0c7c1e6d352827e744b32a9fb7
- SHA1
  
  044734d2153a2e2cb1a781533010dd432efc9082
- SHA256
  
  8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
- SHA512
  
  933e960f3e7d5d376f77783ef1394791e450ec8b2231ed5cef2289d447e3e5121dc43f3fab5ac376f5df06a501db783267387d9f7e8089bd7cd3677beecdf3bd
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9uT:GY9jw/dUT62rGdiUOWWrG
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader