upatre | 486bace70fc33408f1f8504e52c01806229a765a5341546292d0d744e2534844 | Triage

Sharing

General

Target

44ba8ed64d6e67b0b203b2053e687f21_JaffaCakes118
Size

13KB
Sample

240330-1dw7bsfa5z
MD5

44ba8ed64d6e67b0b203b2053e687f21
SHA1

2686960fe872658eb744bd6a99bcddb8dbfb2dd6
SHA256

486bace70fc33408f1f8504e52c01806229a765a5341546292d0d744e2534844
SHA512

751c6ee0db2717e6f37a306b33e190c6b76c065f8b06f2e8715d7e9cd2df0dcb27b83b38b510f4d32efad50886bd8a86cecb3d07cb704e35ae986e6587079d11
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyUyGyylqFlyylkQ:v+dAURFxna4QAPQlYgkFlplVDuyUyGy5

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  44ba8ed64d6e67b0b203b2053e687f21_JaffaCakes118
- Size
  
  13KB
- MD5
  
  44ba8ed64d6e67b0b203b2053e687f21
- SHA1
  
  2686960fe872658eb744bd6a99bcddb8dbfb2dd6
- SHA256
  
  486bace70fc33408f1f8504e52c01806229a765a5341546292d0d744e2534844
- SHA512
  
  751c6ee0db2717e6f37a306b33e190c6b76c065f8b06f2e8715d7e9cd2df0dcb27b83b38b510f4d32efad50886bd8a86cecb3d07cb704e35ae986e6587079d11
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyUyGyylqFlyylkQ:v+dAURFxna4QAPQlYgkFlplVDuyUyGy5
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader