upatre | dd55fb05f6fd9e069265a665c8e79f8eec27b50c6f9ae793bb28105a55f81a62 | Triage

Sharing

General

Target

dd55fb05f6fd9e069265a665c8e79f8eec27b50c6f9ae793bb28105a55f81a62
Size

4KB
Sample

240602-d5x7daab55
MD5

3ffa2b51c80e07ae56bcd4820aac371f
SHA1

c9eb3b825a5c267a388c120ad57fd86446243813
SHA256

dd55fb05f6fd9e069265a665c8e79f8eec27b50c6f9ae793bb28105a55f81a62
SHA512

1e706e50c306d90da6071bd5e9ac1b3cf1470a7eaf5bb1382c355dde8a25d1101a751867ac14b92591c5f827ccd2c560830d23f252d6b8a2ff72d9d07a982d79
SSDEEP

96:Z0v4mUWKh9ctgC1RMJOnKymV44ShylyzUA3:9mUWKs/JnKfzShyLA3

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  dd55fb05f6fd9e069265a665c8e79f8eec27b50c6f9ae793bb28105a55f81a62
- Size
  
  4KB
- MD5
  
  3ffa2b51c80e07ae56bcd4820aac371f
- SHA1
  
  c9eb3b825a5c267a388c120ad57fd86446243813
- SHA256
  
  dd55fb05f6fd9e069265a665c8e79f8eec27b50c6f9ae793bb28105a55f81a62
- SHA512
  
  1e706e50c306d90da6071bd5e9ac1b3cf1470a7eaf5bb1382c355dde8a25d1101a751867ac14b92591c5f827ccd2c560830d23f252d6b8a2ff72d9d07a982d79
- SSDEEP
  
  96:Z0v4mUWKh9ctgC1RMJOnKymV44ShylyzUA3:9mUWKs/JnKfzShyLA3
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader