upatre | 7bf7ed3a70780aa3d29bd73e1965af60c5b86e3244be5f20eb3a3e775c907e76 | Triage

Sharing

General

Target

ddd0b344e7ccc45800d66dc377cb50ba_JC.exe
Size

59KB
Sample

231001-x6v8ysed22
MD5

ddd0b344e7ccc45800d66dc377cb50ba
SHA1

a7b938938a0ab48482f0369f0df2cf4fa4f4fefc
SHA256

7bf7ed3a70780aa3d29bd73e1965af60c5b86e3244be5f20eb3a3e775c907e76
SHA512

10db2382e961d4de1d27b78822fee08305099769099da555a784df470a4cd46c57ae8880689029ccb482452c70d6c65def43a10826fe082272bb4d9bd4de84da
SSDEEP

1536:5Y9jw/dUT62rGdiUOWWrMffJ+AxM+I+ceWE:5Y9CUT62/UOVMffJ+AW+I+cI

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  ddd0b344e7ccc45800d66dc377cb50ba_JC.exe
- Size
  
  59KB
- MD5
  
  ddd0b344e7ccc45800d66dc377cb50ba
- SHA1
  
  a7b938938a0ab48482f0369f0df2cf4fa4f4fefc
- SHA256
  
  7bf7ed3a70780aa3d29bd73e1965af60c5b86e3244be5f20eb3a3e775c907e76
- SHA512
  
  10db2382e961d4de1d27b78822fee08305099769099da555a784df470a4cd46c57ae8880689029ccb482452c70d6c65def43a10826fe082272bb4d9bd4de84da
- SSDEEP
  
  1536:5Y9jw/dUT62rGdiUOWWrMffJ+AxM+I+ceWE:5Y9CUT62/UOVMffJ+AW+I+cI
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader