upatre | 9d79bd73e45c4d782bcd4fc499786c34c7cd861edad0539fa719f1ca32205ab3 | Triage

Sharing

General

Target

9d79bd73e45c4d782bcd4fc499786c34c7cd861edad0539fa719f1ca32205ab3
Size

39KB
Sample

221023-qgwd4aadf7
MD5

47071bb058ab1d1d694466499468b632
SHA1

c46ecf2a07422ccf024e2852ff5aef52067fabdb
SHA256

9d79bd73e45c4d782bcd4fc499786c34c7cd861edad0539fa719f1ca32205ab3
SHA512

067a31f7506eddbdd8d662aba96793cdd8f9c3d57a2aac53a0d14f9ddf6ab286571254a5719162556e7c235ad71c971c5e56c6ab475e4f248ddada0bdb67d2c2
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5mw2:GY9jw/dUT62rGdiUOWWrNmk

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  9d79bd73e45c4d782bcd4fc499786c34c7cd861edad0539fa719f1ca32205ab3
- Size
  
  39KB
- MD5
  
  47071bb058ab1d1d694466499468b632
- SHA1
  
  c46ecf2a07422ccf024e2852ff5aef52067fabdb
- SHA256
  
  9d79bd73e45c4d782bcd4fc499786c34c7cd861edad0539fa719f1ca32205ab3
- SHA512
  
  067a31f7506eddbdd8d662aba96793cdd8f9c3d57a2aac53a0d14f9ddf6ab286571254a5719162556e7c235ad71c971c5e56c6ab475e4f248ddada0bdb67d2c2
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5mw2:GY9jw/dUT62rGdiUOWWrNmk
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader