upatre | c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274 | Triage

Submit
Reports

Overview

overview

Static

static

c315dcb196...74.exe

windows7-x64

c315dcb196...74.exe

windows10-2004-x64

Sharing

General

Target

c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274
Size

9KB
Sample

240524-deex4sag64
MD5

036b9780123ccf9b3ca23e1353e28078
SHA1

e4f76b5970ef1b0f9f01a1aecc8037c1ed4f01f7
SHA256

c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274
SHA512

7f50cd548bea36a49e8470bd3662600bba05a54c56131b559c11bbdd7164df7c4d384a4ed4d16515af22c0ecae603b9d1681f28fcc2fde89f62c47b2e6ff3ae8
SSDEEP

192:IFsXvZsk3d/ZcfFaQZT6CSJB8Oye3Q4pagU5lLOqN:asX7d/ZctaQZT6CSB8Oye3Q4K5pX

Score

10^/10

upatre downloader upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274.exe

Resource

win7-20240215-en

upatre downloader upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274.exe

Resource

win10v2004-20240426-en

upatre downloader upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274
- Size
  
  9KB
- MD5
  
  036b9780123ccf9b3ca23e1353e28078
- SHA1
  
  e4f76b5970ef1b0f9f01a1aecc8037c1ed4f01f7
- SHA256
  
  c315dcb1963665c2c01c8274c71b484833b89be0604daf54551d1d1975079274
- SHA512
  
  7f50cd548bea36a49e8470bd3662600bba05a54c56131b559c11bbdd7164df7c4d384a4ed4d16515af22c0ecae603b9d1681f28fcc2fde89f62c47b2e6ff3ae8
- SSDEEP
  
  192:IFsXvZsk3d/ZcfFaQZT6CSJB8Oye3Q4pagU5lLOqN:asX7d/ZctaQZT6CSB8Oye3Q4K5pX
Score

10^/10

upatre downloader upx
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

upatredownloaderupx

behavioral2

upatredownloaderupx

© 2018-2024

Terms | Privacy