upatre | af4796a69bd09a7af59e71f11f64c986f213a368e473853b527ffc88fc163bcc | Triage

Sharing

General

Target

af4796a69bd09a7af59e71f11f64c986f213a368e473853b527ffc88fc163bcc
Size

32KB
Sample

221023-wcyxbabfdm
MD5

b8e8d6e56c86cb32eae2e3440a2b30a1
SHA1

0af9c6d368d88d3ea56a572ceac1a4544ffbdbfe
SHA256

af4796a69bd09a7af59e71f11f64c986f213a368e473853b527ffc88fc163bcc
SHA512

dcb68d0483c09a6fd1c35879c26545180590edbe9ebb1467a5f05ee3318750e6a8a53df665d8b6e1a38699f40a48187e93c796869a82943c2c25e1a3add4c2bf
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPjaxz:GY9jw/dUT62rGdiUOWWr7aF

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  af4796a69bd09a7af59e71f11f64c986f213a368e473853b527ffc88fc163bcc
- Size
  
  32KB
- MD5
  
  b8e8d6e56c86cb32eae2e3440a2b30a1
- SHA1
  
  0af9c6d368d88d3ea56a572ceac1a4544ffbdbfe
- SHA256
  
  af4796a69bd09a7af59e71f11f64c986f213a368e473853b527ffc88fc163bcc
- SHA512
  
  dcb68d0483c09a6fd1c35879c26545180590edbe9ebb1467a5f05ee3318750e6a8a53df665d8b6e1a38699f40a48187e93c796869a82943c2c25e1a3add4c2bf
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPjaxz:GY9jw/dUT62rGdiUOWWr7aF
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

upatredownloader