upatre | c8a993f54c27f966d9fd80a5389986fd1656ddfcafa49b719b9c85cfcd61d0dc | Triage

Sharing

General

Target

51a7e4293812242447db937b86c17320_JaffaCakes118
Size

13KB
Sample

240331-kacerahc44
MD5

51a7e4293812242447db937b86c17320
SHA1

22cf4cccb8462fa0471f2f07c11ef762034d2afc
SHA256

c8a993f54c27f966d9fd80a5389986fd1656ddfcafa49b719b9c85cfcd61d0dc
SHA512

502e1fd745486f1e7062e5e73f6366748795959a173949ef0d876925ddca3cf3df5afa4e0856a15be1d80bb1db0bf2c3c1cde3d6a9a0d5f75024f27cf4c5b0de
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyUylyylylylyylPhw:v+dAURFxna4QAPQlYgkFlplVDuyUylyB

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  51a7e4293812242447db937b86c17320_JaffaCakes118
- Size
  
  13KB
- MD5
  
  51a7e4293812242447db937b86c17320
- SHA1
  
  22cf4cccb8462fa0471f2f07c11ef762034d2afc
- SHA256
  
  c8a993f54c27f966d9fd80a5389986fd1656ddfcafa49b719b9c85cfcd61d0dc
- SHA512
  
  502e1fd745486f1e7062e5e73f6366748795959a173949ef0d876925ddca3cf3df5afa4e0856a15be1d80bb1db0bf2c3c1cde3d6a9a0d5f75024f27cf4c5b0de
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKkFlplVDuyUylyylylylyylPhw:v+dAURFxna4QAPQlYgkFlplVDuyUylyB
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader