upatre | ba1d8b575d19c10651312a8c75221b81b1abeb1d89e58d3574070871194c35fa | Triage

Resubmissions

08-03-2024 13:26

240308-qpvsjaga76 10

07-03-2024 23:43

240307-3qy8kaad9v 10

Sharing

General

Target

ba1d8b575d19c10651312a8c75221b81b1abeb1d89e58d3574070871194c35fa
Size

40KB
Sample

240307-3qy8kaad9v
MD5

a73607e431097f1e74130d2bf6c5a2fd
SHA1

7f8f3ad4bd02a46071a0a10f5bba4071a129d5e9
SHA256

ba1d8b575d19c10651312a8c75221b81b1abeb1d89e58d3574070871194c35fa
SHA512

60cd69504b583e72c9e392dbcde49eca52b6589ddb0911df9d584521138f187b53ffa9af15e3eb0648e759ed90e589776df3c63cecbab875aa75a15d9cdf98ce
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPy8Fj6wtVeldaBy6ERb3/kQCjWtBkQhMWG7:GY9jw/dUT62rGdiUOWWra8FcHb3uBWt+

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  ba1d8b575d19c10651312a8c75221b81b1abeb1d89e58d3574070871194c35fa
- Size
  
  40KB
- MD5
  
  a73607e431097f1e74130d2bf6c5a2fd
- SHA1
  
  7f8f3ad4bd02a46071a0a10f5bba4071a129d5e9
- SHA256
  
  ba1d8b575d19c10651312a8c75221b81b1abeb1d89e58d3574070871194c35fa
- SHA512
  
  60cd69504b583e72c9e392dbcde49eca52b6589ddb0911df9d584521138f187b53ffa9af15e3eb0648e759ed90e589776df3c63cecbab875aa75a15d9cdf98ce
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rPy8Fj6wtVeldaBy6ERb3/kQCjWtBkQhMWG7:GY9jw/dUT62rGdiUOWWra8FcHb3uBWt+
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader