upatre | 918ca949da42369c740bc67b58daaab887dd133da2ba79caf8f9eba083b1c7b6 | Triage

Sharing

General

Target

918ca949da42369c740bc67b58daaab887dd133da2ba79caf8f9eba083b1c7b6
Size

32KB
Sample

221023-l2yyhahff3
MD5

a52ef78a7181df36ad0ddf7b0627c49d
SHA1

61b38416248d4090d6648e5101add93a693ca5a9
SHA256

918ca949da42369c740bc67b58daaab887dd133da2ba79caf8f9eba083b1c7b6
SHA512

2d22f49b702b5b5923cb13e8d13487850c3965834441fe0520549caaf5fffc51fc973dc6ed5d0bf81885d38ed67eed33ed7a20d43b34108f8327172848309ad8
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPjax0:GY9jw/dUT62rGdiUOWWr7aO

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  918ca949da42369c740bc67b58daaab887dd133da2ba79caf8f9eba083b1c7b6
- Size
  
  32KB
- MD5
  
  a52ef78a7181df36ad0ddf7b0627c49d
- SHA1
  
  61b38416248d4090d6648e5101add93a693ca5a9
- SHA256
  
  918ca949da42369c740bc67b58daaab887dd133da2ba79caf8f9eba083b1c7b6
- SHA512
  
  2d22f49b702b5b5923cb13e8d13487850c3965834441fe0520549caaf5fffc51fc973dc6ed5d0bf81885d38ed67eed33ed7a20d43b34108f8327172848309ad8
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPjax0:GY9jw/dUT62rGdiUOWWr7aO
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader