Overview

overview

10

Static

static

3

3e7a567a7b...a6.exe

windows7-x64

10

3e7a567a7b...a6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e7a567a7bb170154c22a1278c1820a6

  • Size

    39KB

  • Sample

    240409-17gzhahf5x

  • MD5

    3e7a567a7bb170154c22a1278c1820a6

  • SHA1

    8a8e810bab4bdfa7668fd1034ebb49a8f4a7edbb

  • SHA256

    25b43df44432900f2a1239d986d19d48e6730adf2a1a68cd38a76e8596d1727c

  • SHA512

    e46eb262d1075b3e018cee51ee22daf58216cdae5f3153b86c1631113c2a79ff185e345b35eb9ec496244881ae4b7df6fdd4a98876544c63c608bcce356b8584

  • SSDEEP

    768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5bNITnJy/rQIAWPQ:GY9jw/dUT62rGdiUOWWrNmBsr

Score
10/10
upatredownloader

Malware Config

Targets

    • Target

      3e7a567a7bb170154c22a1278c1820a6

    • Size

      39KB

    • MD5

      3e7a567a7bb170154c22a1278c1820a6

    • SHA1

      8a8e810bab4bdfa7668fd1034ebb49a8f4a7edbb

    • SHA256

      25b43df44432900f2a1239d986d19d48e6730adf2a1a68cd38a76e8596d1727c

    • SHA512

      e46eb262d1075b3e018cee51ee22daf58216cdae5f3153b86c1631113c2a79ff185e345b35eb9ec496244881ae4b7df6fdd4a98876544c63c608bcce356b8584

    • SSDEEP

      768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95k5bNITnJy/rQIAWPQ:GY9jw/dUT62rGdiUOWWrNmBsr

    Score
    10/10
    upatredownloader

    • Upatre

      Upatre is a generic malware downloader.

      downloaderupatre

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks