upatre | 8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7 | Triage

Sharing

General

Target

8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
Size

31KB
Sample

221023-kafgeahdek
MD5

4c0b4f0c7c1e6d352827e744b32a9fb7
SHA1

044734d2153a2e2cb1a781533010dd432efc9082
SHA256

8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
SHA512

933e960f3e7d5d376f77783ef1394791e450ec8b2231ed5cef2289d447e3e5121dc43f3fab5ac376f5df06a501db783267387d9f7e8089bd7cd3677beecdf3bd
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9uT:GY9jw/dUT62rGdiUOWWrG

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
- Size
  
  31KB
- MD5
  
  4c0b4f0c7c1e6d352827e744b32a9fb7
- SHA1
  
  044734d2153a2e2cb1a781533010dd432efc9082
- SHA256
  
  8a8d6d8ff7ce57a0717b8850bce82010e64e3160c1db958d70bfa6f5e6f420b7
- SHA512
  
  933e960f3e7d5d376f77783ef1394791e450ec8b2231ed5cef2289d447e3e5121dc43f3fab5ac376f5df06a501db783267387d9f7e8089bd7cd3677beecdf3bd
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9uT:GY9jw/dUT62rGdiUOWWrG
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader