upatre | 30f5d6c170e38ace0537092caddf08a2a39139ea636d82a18266ab7b5f111731 | Triage

Sharing

General

Target

4a61ca6334783c85f5261248aa9f5e87
Size

12KB
Sample

240108-ekbcjsafhk
MD5

4a61ca6334783c85f5261248aa9f5e87
SHA1

d58958581da5d921e75d4363bf07b8f5379baacc
SHA256

30f5d6c170e38ace0537092caddf08a2a39139ea636d82a18266ab7b5f111731
SHA512

41ab818586ffd4df8b30b551dc00485fac40736fd7a6e76188f9c2ba05afbd63e6185af27e1b06b97e4718e9aec0ab89846debcd13b69df474dd1859472185a8
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyY:v+dAURFxna4QAPQlYgkFlplVDuyY

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  4a61ca6334783c85f5261248aa9f5e87
- Size
  
  12KB
- MD5
  
  4a61ca6334783c85f5261248aa9f5e87
- SHA1
  
  d58958581da5d921e75d4363bf07b8f5379baacc
- SHA256
  
  30f5d6c170e38ace0537092caddf08a2a39139ea636d82a18266ab7b5f111731
- SHA512
  
  41ab818586ffd4df8b30b551dc00485fac40736fd7a6e76188f9c2ba05afbd63e6185af27e1b06b97e4718e9aec0ab89846debcd13b69df474dd1859472185a8
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyY:v+dAURFxna4QAPQlYgkFlplVDuyY
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader