upatre | ab2256740857bd670ee5ee6064073aa0343f2e0da4cc522f9d3d35f438ef0ab6 | Triage

Sharing

General

Target

NEAS.022c0be05d759a1ba60f17caf49578a0_JC.exe
Size

8KB
Sample

231011-s6cpdsad77
MD5

022c0be05d759a1ba60f17caf49578a0
SHA1

46ab0ab9b62cb7aa2507c21d53587696a9b7e117
SHA256

ab2256740857bd670ee5ee6064073aa0343f2e0da4cc522f9d3d35f438ef0ab6
SHA512

7d49031d6d08ceaa1f4f0aef867e90a0158370770fa8b7d6a124bbefed1f884cdcf93c52b04d6abddbe53b1a54dad69df7e3d5a2599cb5e3dbcffe2fd4777bbe
SSDEEP

192:9mUWKs/L1nKfzShZ2ZEe9de/PKIbdWyYIQZK:6K+LJKfzQYhP4SIbdWyYIQZK

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  NEAS.022c0be05d759a1ba60f17caf49578a0_JC.exe
- Size
  
  8KB
- MD5
  
  022c0be05d759a1ba60f17caf49578a0
- SHA1
  
  46ab0ab9b62cb7aa2507c21d53587696a9b7e117
- SHA256
  
  ab2256740857bd670ee5ee6064073aa0343f2e0da4cc522f9d3d35f438ef0ab6
- SHA512
  
  7d49031d6d08ceaa1f4f0aef867e90a0158370770fa8b7d6a124bbefed1f884cdcf93c52b04d6abddbe53b1a54dad69df7e3d5a2599cb5e3dbcffe2fd4777bbe
- SSDEEP
  
  192:9mUWKs/L1nKfzShZ2ZEe9de/PKIbdWyYIQZK:6K+LJKfzQYhP4SIbdWyYIQZK
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader