upatre | e3089705b373298bd3341e47b64afd4fb280ebd6bd93946e0a5dcfd895093fb2 | Triage

Sharing

General

Target

5ca3f16021f308c9698481798878b4fa.zip
Size

14KB
Sample

240831-btj49sxfkb
MD5

c535a01dfc6acc809e7d6b695d77f270
SHA1

a7749b1a5d4a5a6a7c5af8a00db5a8475fb540a0
SHA256

e3089705b373298bd3341e47b64afd4fb280ebd6bd93946e0a5dcfd895093fb2
SHA512

7326b3c2561d28e42defc3cd66e28e76158d58f5980f903ffbdf857a37f66eb93700bd61112b8e385ffb6cffb4170089e65a9afe8286aeb5cd75115d78e6c6d6
SSDEEP

384:iTx6gOq8DT8gnkki6uoHl5RrOhyF3jo+E:uxivT82fir4pG4joV

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0
- Size
  
  42KB
- MD5
  
  5ca3f16021f308c9698481798878b4fa
- SHA1
  
  7bfb8f3591dd25cb450057b316c878f82840607f
- SHA256
  
  7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0
- SHA512
  
  38439251d46f851a7a23b16c039f536a5019768e9d7a26d0f379d3b8ca74361bbc66060b3b7c4470d9d364e0fd6283a080e00156a5568d152bfb91fecc602313
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rCBsPGTWikRyyyxOJyyyylqD7Q:GY9jw/dUT62rGdiUOWWrC6P6Ts
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader