upatre | 8b415185b3bb2144e6b0f6d6f936adc802c415f8ccbece0206e6bad0b9541be2 | Triage

Sharing

General

Target

a8890ad2a8832f94db0ef4255a97d8b8_JC.exe
Size

29KB
Sample

231003-wtcemsef5t
MD5

a8890ad2a8832f94db0ef4255a97d8b8
SHA1

a3cdd6dc2207f486349ef5153b915cccb61dc7cb
SHA256

8b415185b3bb2144e6b0f6d6f936adc802c415f8ccbece0206e6bad0b9541be2
SHA512

46e9180bd97ac2349b6fe0d6cc37b07bb2d177c064fe2bc87ad7bcbbe554730fe1391b439b28f17d2956bf9754db1c3263e4fe69ff8d11649eebe41dbc009ad1
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9TdX/K:GY9jw/dUT62rGdiUOWWrk

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  a8890ad2a8832f94db0ef4255a97d8b8_JC.exe
- Size
  
  29KB
- MD5
  
  a8890ad2a8832f94db0ef4255a97d8b8
- SHA1
  
  a3cdd6dc2207f486349ef5153b915cccb61dc7cb
- SHA256
  
  8b415185b3bb2144e6b0f6d6f936adc802c415f8ccbece0206e6bad0b9541be2
- SHA512
  
  46e9180bd97ac2349b6fe0d6cc37b07bb2d177c064fe2bc87ad7bcbbe554730fe1391b439b28f17d2956bf9754db1c3263e4fe69ff8d11649eebe41dbc009ad1
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh9TdX/K:GY9jw/dUT62rGdiUOWWrk
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader