upatre | f422dc79edbc22077813b55689a02b35949501633e3f95fc2b562f9ce22b1ec4 | Triage

Sharing

General

Target

NEAS.2bc75d9aba49d7de059214be8d78c197_JC.exe
Size

89KB
Sample

231014-k6cemade75
MD5

2bc75d9aba49d7de059214be8d78c197
SHA1

345f7e17611342dacd42aa08e9a0e37a0c937418
SHA256

f422dc79edbc22077813b55689a02b35949501633e3f95fc2b562f9ce22b1ec4
SHA512

6bd7e361635e3bcdf937f4088cdbc3ed7b9182a1f097270146cf1f709d8c5856b2885d80d21d0aedf3acff689aa46e922ed7d1b4e8e4f305b12011c87c4410ea
SSDEEP

1536:DY9jw/dUT62rGdiUOWWrMbtebtfJibtfJnt8btfJntqgbtfJntqotg0Rp:DY9CUT62/UOVMbkb1Jib1Jnib1JnwgbV

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  NEAS.2bc75d9aba49d7de059214be8d78c197_JC.exe
- Size
  
  89KB
- MD5
  
  2bc75d9aba49d7de059214be8d78c197
- SHA1
  
  345f7e17611342dacd42aa08e9a0e37a0c937418
- SHA256
  
  f422dc79edbc22077813b55689a02b35949501633e3f95fc2b562f9ce22b1ec4
- SHA512
  
  6bd7e361635e3bcdf937f4088cdbc3ed7b9182a1f097270146cf1f709d8c5856b2885d80d21d0aedf3acff689aa46e922ed7d1b4e8e4f305b12011c87c4410ea
- SSDEEP
  
  1536:DY9jw/dUT62rGdiUOWWrMbtebtfJibtfJnt8btfJntqgbtfJntqotg0Rp:DY9CUT62/UOVMbkb1Jib1Jnib1JnwgbV
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader