upatre | 865c19fbb9dbdbb54ba4d9caad29720d25d77a3ddbbcc1708e372d7bc2a3d388 | Triage

Resubmissions

03-08-2024 17:20

240803-vwsnzazdln 10

27-07-2024 00:13

240727-ahwhgsxcjb 10

Sharing

General

Target

865c19fbb9dbdbb54ba4d9caad29720d25d77a3ddbbcc1708e372d7bc2a3d388
Size

38KB
Sample

240727-ahwhgsxcjb
MD5

e097419880fda699d17e6f8eacb660c2
SHA1

81bd0b318fe5b662ccdef14c1e0900f87284747c
SHA256

865c19fbb9dbdbb54ba4d9caad29720d25d77a3ddbbcc1708e372d7bc2a3d388
SHA512

440e2d86cea3f7bbde8a97add8db0f8e605222304e6d43dca99c48b38bf08d083c47c8bdf88009a5f0159fc7df6d7766c96a3ec5b20ca935d4c20c0cfbe329d7
SSDEEP

768:v+dAURFxna4QAPQlYgkFlplVDuyUylyylylytlylySyPyb+L7Gdr/5syyoEdylYc:v6wosj+swSdes

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  865c19fbb9dbdbb54ba4d9caad29720d25d77a3ddbbcc1708e372d7bc2a3d388
- Size
  
  38KB
- MD5
  
  e097419880fda699d17e6f8eacb660c2
- SHA1
  
  81bd0b318fe5b662ccdef14c1e0900f87284747c
- SHA256
  
  865c19fbb9dbdbb54ba4d9caad29720d25d77a3ddbbcc1708e372d7bc2a3d388
- SHA512
  
  440e2d86cea3f7bbde8a97add8db0f8e605222304e6d43dca99c48b38bf08d083c47c8bdf88009a5f0159fc7df6d7766c96a3ec5b20ca935d4c20c0cfbe329d7
- SSDEEP
  
  768:v+dAURFxna4QAPQlYgkFlplVDuyUylyylylytlylySyPyb+L7Gdr/5syyoEdylYc:v6wosj+swSdes
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader