upatre | 915d419715eef666c30a7aa6f1530f90e755b66ca4ae0f95c3ced979ecff0b7d | Triage

Sharing

General

Target

2ee921b3054e3ca19ef6bc2b0a1f52a1_JaffaCakes118
Size

14KB
Sample

240330-abn5tsdc43
MD5

2ee921b3054e3ca19ef6bc2b0a1f52a1
SHA1

5034c1198a0b929dbaef92fe0044513d6ad953e6
SHA256

915d419715eef666c30a7aa6f1530f90e755b66ca4ae0f95c3ced979ecff0b7d
SHA512

120238fa3cde2d7cd64b876bec3770b5e65fa65951ae6bbe956280cd1a156182b945bb02f4a029ce4a51443a0a7a1a707a8c127be10cd9213f2ce4f31b9fcb47
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyylYLlmylylyy9lmplyEJy:v+dAURFxna4QAPQlYg7aylryylFyylYG

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  2ee921b3054e3ca19ef6bc2b0a1f52a1_JaffaCakes118
- Size
  
  14KB
- MD5
  
  2ee921b3054e3ca19ef6bc2b0a1f52a1
- SHA1
  
  5034c1198a0b929dbaef92fe0044513d6ad953e6
- SHA256
  
  915d419715eef666c30a7aa6f1530f90e755b66ca4ae0f95c3ced979ecff0b7d
- SHA512
  
  120238fa3cde2d7cd64b876bec3770b5e65fa65951ae6bbe956280cd1a156182b945bb02f4a029ce4a51443a0a7a1a707a8c127be10cd9213f2ce4f31b9fcb47
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyylYLlmylylyy9lmplyEJy:v+dAURFxna4QAPQlYg7aylryylFyylYG
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader