upatre | 9dbbf9c16cb8338edb14f349e8f9e688e556f5262bf7c7b3783c65bb396984e6 | Triage

Sharing

General

Target

a62bfda431fb5970c7ef246f90314ed9.exe
Size

63KB
Sample

231129-vhkq7sad63
MD5

a62bfda431fb5970c7ef246f90314ed9
SHA1

81b9cffa0a3a69a709b2aa90ecd3acc91f6bdfe4
SHA256

9dbbf9c16cb8338edb14f349e8f9e688e556f5262bf7c7b3783c65bb396984e6
SHA512

104623bf1d9f8c8c782a86b400d551771f15ad0513724d5394679317c3b20b6fcb90d950ff838c1844ea4ef05e025540849ad0a0337f1f4eff8e12d9d42672df
SSDEEP

1536:5Y9jw/dUT62rGdiUOWWrMffJ+AxM+I+ceWgG:5Y9CUT62/UOVMffJ+AW+I+cT

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  a62bfda431fb5970c7ef246f90314ed9.exe
- Size
  
  63KB
- MD5
  
  a62bfda431fb5970c7ef246f90314ed9
- SHA1
  
  81b9cffa0a3a69a709b2aa90ecd3acc91f6bdfe4
- SHA256
  
  9dbbf9c16cb8338edb14f349e8f9e688e556f5262bf7c7b3783c65bb396984e6
- SHA512
  
  104623bf1d9f8c8c782a86b400d551771f15ad0513724d5394679317c3b20b6fcb90d950ff838c1844ea4ef05e025540849ad0a0337f1f4eff8e12d9d42672df
- SSDEEP
  
  1536:5Y9jw/dUT62rGdiUOWWrMffJ+AxM+I+ceWgG:5Y9CUT62/UOVMffJ+AW+I+cT
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader