upatre | a52221256cbad99355bdc1d4f39e75b39e8ac1aeee690b16dfedd9246c30d855 | Triage

Sharing

General

Target

a52221256cbad99355bdc1d4f39e75b39e8ac1aeee690b16dfedd9246c30d855
Size

36KB
Sample

221023-sg2bfsbabm
MD5

b13503d3caf5584720a03e30cc78368d
SHA1

1b2e9c74b05a8a1b511727d488017cf3045042c7
SHA256

a52221256cbad99355bdc1d4f39e75b39e8ac1aeee690b16dfedd9246c30d855
SHA512

e6a8516ab0f53c859902a87f0ac106bfa17117310a2b2381b8a8076d3ade9dae967e0cac3b9390223f1bceb7939dea1b4cda250d913d23c75b240612893a9ceb
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95kyq0Quh:GY9jw/dUT62rGdiUOWWrNH

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  a52221256cbad99355bdc1d4f39e75b39e8ac1aeee690b16dfedd9246c30d855
- Size
  
  36KB
- MD5
  
  b13503d3caf5584720a03e30cc78368d
- SHA1
  
  1b2e9c74b05a8a1b511727d488017cf3045042c7
- SHA256
  
  a52221256cbad99355bdc1d4f39e75b39e8ac1aeee690b16dfedd9246c30d855
- SHA512
  
  e6a8516ab0f53c859902a87f0ac106bfa17117310a2b2381b8a8076d3ade9dae967e0cac3b9390223f1bceb7939dea1b4cda250d913d23c75b240612893a9ceb
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95kyq0Quh:GY9jw/dUT62rGdiUOWWrNH
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader