upatre | 1d22294427d545d706834a2fc6144d57ebb35a22a4f1609fb667dbbba240d37b | Triage

Sharing

General

Target

f5f40657d309a0ea205244a2a23e1c39_JaffaCakes118
Size

13KB
Sample

240417-rgvy1abb99
MD5

f5f40657d309a0ea205244a2a23e1c39
SHA1

062e77b9b7d716ee1d4f89b19fdb5eb76de0d6ca
SHA256

1d22294427d545d706834a2fc6144d57ebb35a22a4f1609fb667dbbba240d37b
SHA512

e320810fc1b6ce5d8e0bfc3b4eec4550a181d221d8f0ca782a45feba9c7c1b1509b2dc6d994033b2289ce2dacead88b17ca0f75bae86d59e420401ca64f9689d
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyylYLlmylylyy8yyCJ:v+dAURFxna4QAPQlYg7aylryylFyylY2

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  f5f40657d309a0ea205244a2a23e1c39_JaffaCakes118
- Size
  
  13KB
- MD5
  
  f5f40657d309a0ea205244a2a23e1c39
- SHA1
  
  062e77b9b7d716ee1d4f89b19fdb5eb76de0d6ca
- SHA256
  
  1d22294427d545d706834a2fc6144d57ebb35a22a4f1609fb667dbbba240d37b
- SHA512
  
  e320810fc1b6ce5d8e0bfc3b4eec4550a181d221d8f0ca782a45feba9c7c1b1509b2dc6d994033b2289ce2dacead88b17ca0f75bae86d59e420401ca64f9689d
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyylYLlmylylyy8yyCJ:v+dAURFxna4QAPQlYg7aylryylFyylY2
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader