upatre | 9260684f202848c0c64b4e1a8358eb5f603774411a240c9523f1a6927cc61045 | Triage

Sharing

General

Target

9260684f202848c0c64b4e1a8358eb5f603774411a240c9523f1a6927cc61045N.exe
Size

7KB
Sample

250208-jdztsatrgl
MD5

f53201c382dc5a3c8819b8c7b294a680
SHA1

434d60962983c0bf7692c6621d304a519b8f5fc6
SHA256

9260684f202848c0c64b4e1a8358eb5f603774411a240c9523f1a6927cc61045
SHA512

8c0b9d390729a9da3a310ac30dcdb73c176862017d485ff06b557ab671e6b051620cbc711f88a007dee97f4c4fb363443c178ff3186dd842c1834b161f791c76
SSDEEP

48:Zdni+Wyi18DN0nCvTaE6nc9fhXcGEY3sJd9ga91RsnnA7B8mOo4jUx7OtKGcEl/g:Z0v4mUWKh9ctgC1R8nKymV44ShJl/Xw

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  9260684f202848c0c64b4e1a8358eb5f603774411a240c9523f1a6927cc61045N.exe
- Size
  
  7KB
- MD5
  
  f53201c382dc5a3c8819b8c7b294a680
- SHA1
  
  434d60962983c0bf7692c6621d304a519b8f5fc6
- SHA256
  
  9260684f202848c0c64b4e1a8358eb5f603774411a240c9523f1a6927cc61045
- SHA512
  
  8c0b9d390729a9da3a310ac30dcdb73c176862017d485ff06b557ab671e6b051620cbc711f88a007dee97f4c4fb363443c178ff3186dd842c1834b161f791c76
- SSDEEP
  
  48:Zdni+Wyi18DN0nCvTaE6nc9fhXcGEY3sJd9ga91RsnnA7B8mOo4jUx7OtKGcEl/g:Z0v4mUWKh9ctgC1R8nKymV44ShJl/Xw
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Upatre family
  upatre
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader