upatre | ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a | Triage

Sharing

General

Target

ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
Size

57KB
Sample

240806-bl8snavbrr
MD5

2ac400de0145dd620833ce652b43c464
SHA1

167e29363266f1de568c2d7dcaf744534f5842fc
SHA256

ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
SHA512

84b405d83e449f4b9ade212cceac82ce5756a83fe8e85c61ac68e28af4aa07d29c99e6fafd74be8dfba04fa6710ad23b28422fae1056c382931ae49f72711946
SSDEEP

768:v+xAURMDKRji3xVfIs3rtC5bdFrCZa2fCOoj5ZuLHXMZLXPJHPLk182440yqspTb:vCWDKUlsCZD1mh8txVQnlRIlz

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
- Size
  
  57KB
- MD5
  
  2ac400de0145dd620833ce652b43c464
- SHA1
  
  167e29363266f1de568c2d7dcaf744534f5842fc
- SHA256
  
  ab6a6c8161abd6c9c106643a36f39bea0c24b8c4399991fd12fec6377db3af6a
- SHA512
  
  84b405d83e449f4b9ade212cceac82ce5756a83fe8e85c61ac68e28af4aa07d29c99e6fafd74be8dfba04fa6710ad23b28422fae1056c382931ae49f72711946
- SSDEEP
  
  768:v+xAURMDKRji3xVfIs3rtC5bdFrCZa2fCOoj5ZuLHXMZLXPJHPLk182440yqspTb:vCWDKUlsCZD1mh8txVQnlRIlz
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader