upatre | 7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0 | Triage

Sharing

General

Target

5ca3f16021f308c9698481798878b4fa_JaffaCakes118
Size

42KB
Sample

240331-yml2lsbb59
MD5

5ca3f16021f308c9698481798878b4fa
SHA1

7bfb8f3591dd25cb450057b316c878f82840607f
SHA256

7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0
SHA512

38439251d46f851a7a23b16c039f536a5019768e9d7a26d0f379d3b8ca74361bbc66060b3b7c4470d9d364e0fd6283a080e00156a5568d152bfb91fecc602313
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rCBsPGTWikRyyyxOJyyyylqD7Q:GY9jw/dUT62rGdiUOWWrC6P6Ts

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  5ca3f16021f308c9698481798878b4fa_JaffaCakes118
- Size
  
  42KB
- MD5
  
  5ca3f16021f308c9698481798878b4fa
- SHA1
  
  7bfb8f3591dd25cb450057b316c878f82840607f
- SHA256
  
  7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0
- SHA512
  
  38439251d46f851a7a23b16c039f536a5019768e9d7a26d0f379d3b8ca74361bbc66060b3b7c4470d9d364e0fd6283a080e00156a5568d152bfb91fecc602313
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rCBsPGTWikRyyyxOJyyyylqD7Q:GY9jw/dUT62rGdiUOWWrC6P6Ts
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader