upatre | a0eaab26f23b7b15963b01ac89ff3e5c79d90cab54f8d986e20b64cfab1da081 | Triage

Sharing

General

Target

NEAS.55c6bc0fcf1273e5bd775d923a5af154_JC.exe
Size

130KB
Sample

231011-s72d5saf25
MD5

55c6bc0fcf1273e5bd775d923a5af154
SHA1

3576a15b10efe2629f20163464dfdca1484e70d1
SHA256

a0eaab26f23b7b15963b01ac89ff3e5c79d90cab54f8d986e20b64cfab1da081
SHA512

ca27591219fd3a50308321e1f3f339ec26d75f7b6ec9dcd79a1c3d7b62545d84d90e708f89191740bfc1cd7819c25c50893142d28386fda645383a740260f058
SSDEEP

3072:tY9CUT62/UOVMgJsgJMgJogJwgJ0zqgJ01J3RgJ01JygJ01JK8gJ01JK2gJ01JKM:tY9C8QyFJlJFJRJZJqJyJ3CJyJbJyJWc

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  NEAS.55c6bc0fcf1273e5bd775d923a5af154_JC.exe
- Size
  
  130KB
- MD5
  
  55c6bc0fcf1273e5bd775d923a5af154
- SHA1
  
  3576a15b10efe2629f20163464dfdca1484e70d1
- SHA256
  
  a0eaab26f23b7b15963b01ac89ff3e5c79d90cab54f8d986e20b64cfab1da081
- SHA512
  
  ca27591219fd3a50308321e1f3f339ec26d75f7b6ec9dcd79a1c3d7b62545d84d90e708f89191740bfc1cd7819c25c50893142d28386fda645383a740260f058
- SSDEEP
  
  3072:tY9CUT62/UOVMgJsgJMgJogJwgJ0zqgJ01J3RgJ01JygJ01JK8gJ01JK2gJ01JKM:tY9C8QyFJlJFJRJZJqJyJ3CJyJbJyJWc
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader