upatre | 51207b8b6f0828fee1b3b03af5eef3f1f66811d0e437576454a0da20262faea2 | Triage

Sharing

General

Target

44ba8ed64d6e67b0b203b2053e687f21.zip
Size

5KB
Sample

240831-t27veatfre
MD5

ce3752a5e24ceecf56f61441328c86be
SHA1

b226bb012782367ba84141c1e87931d346ffc472
SHA256

51207b8b6f0828fee1b3b03af5eef3f1f66811d0e437576454a0da20262faea2
SHA512

e90b4525f4257c9d5aed791e540af5fe3920277e0c871495156270b35350d7eedc76eba78f9f37beba740de7322a4fd339a64b6bf2b9861484b798202d3eb378
SSDEEP

96:qCV5Y9QE9YnfAjser1pEDZ5PpKDqf5y1XRMZzhz+VqX:qCVQKnfAlwZBpKeTZztX

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  486bace70fc33408f1f8504e52c01806229a765a5341546292d0d744e2534844
- Size
  
  13KB
- MD5
  
  44ba8ed64d6e67b0b203b2053e687f21
- SHA1
  
  2686960fe872658eb744bd6a99bcddb8dbfb2dd6
- SHA256
  
  486bace70fc33408f1f8504e52c01806229a765a5341546292d0d744e2534844
- SHA512
  
  751c6ee0db2717e6f37a306b33e190c6b76c065f8b06f2e8715d7e9cd2df0dcb27b83b38b510f4d32efad50886bd8a86cecb3d07cb704e35ae986e6587079d11
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyUyGyylqFlyylkQ:v+dAURFxna4QAPQlYgkFlplVDuyUyGy5
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader