upatre | 7d8cb147dc1decf552bc378a303b486ceb1f71a2ad09e6866f3f1ac9bab1e275 | Triage

Sharing

General

Target

68d747a391999aede953e1647243e751_JaffaCakes118
Size

33KB
Sample

240401-f1h8rseh74
MD5

68d747a391999aede953e1647243e751
SHA1

473a4b1ef1156f934204f75a9765c9622231c253
SHA256

7d8cb147dc1decf552bc378a303b486ceb1f71a2ad09e6866f3f1ac9bab1e275
SHA512

2521ca6330eb160f8d0d209de4485d543d003380ae4486f4b724fe335cc629dd81b818b83da61d4bd1d9ca24c4e8c8a43001af26a537821ff4db0a4f2e1844b0
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95kRCaC0yvQ:GY9jw/dUT62rGdiUOWWrNlq

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  68d747a391999aede953e1647243e751_JaffaCakes118
- Size
  
  33KB
- MD5
  
  68d747a391999aede953e1647243e751
- SHA1
  
  473a4b1ef1156f934204f75a9765c9622231c253
- SHA256
  
  7d8cb147dc1decf552bc378a303b486ceb1f71a2ad09e6866f3f1ac9bab1e275
- SHA512
  
  2521ca6330eb160f8d0d209de4485d543d003380ae4486f4b724fe335cc629dd81b818b83da61d4bd1d9ca24c4e8c8a43001af26a537821ff4db0a4f2e1844b0
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rh95kRCaC0yvQ:GY9jw/dUT62rGdiUOWWrNlq
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader