upatre | 4b52458363abc72930122709e53bb9c99e5ec496f3980f4dfbb214e8708caa53 | Triage

Sharing

General

Target

NEAS.b0764a5e24c0ab081b543d4ac9ca7b40.exe
Size

43KB
Sample

231101-rlwq4aeg8w
MD5

b0764a5e24c0ab081b543d4ac9ca7b40
SHA1

27659ce209165584fdaea6d08b58d1df19f4f0bb
SHA256

4b52458363abc72930122709e53bb9c99e5ec496f3980f4dfbb214e8708caa53
SHA512

8004ca24e67eaae53fdec41dc641f30c48f2da11ef48a521d68202a403c168c14adf454abe80412de95dfbc3e85a8ecd00726477a09fb5238b84713a5c70b946
SSDEEP

768:v+dAURFxna4QAPQlYgkFlplVDuyUylyylylytlylySyPyb+L7Gdr/5syyoEdylYg:v6wosj+swSde80A

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  NEAS.b0764a5e24c0ab081b543d4ac9ca7b40.exe
- Size
  
  43KB
- MD5
  
  b0764a5e24c0ab081b543d4ac9ca7b40
- SHA1
  
  27659ce209165584fdaea6d08b58d1df19f4f0bb
- SHA256
  
  4b52458363abc72930122709e53bb9c99e5ec496f3980f4dfbb214e8708caa53
- SHA512
  
  8004ca24e67eaae53fdec41dc641f30c48f2da11ef48a521d68202a403c168c14adf454abe80412de95dfbc3e85a8ecd00726477a09fb5238b84713a5c70b946
- SSDEEP
  
  768:v+dAURFxna4QAPQlYgkFlplVDuyUylyylylytlylySyPyb+L7Gdr/5syyoEdylYg:v6wosj+swSde80A
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader