upatre | b5dbfb12aa5a97e5014e64be64a2e9368ae8bb84f97643b4078f6fc9f3e82d1f | Triage

Sharing

General

Target

1c6f661deddbf56c7b470f0fe8233370_JaffaCakes118
Size

13KB
Sample

240701-zhzbtaydjf
MD5

1c6f661deddbf56c7b470f0fe8233370
SHA1

16060ae77e7d5b72df74649d5718daa75675eb45
SHA256

b5dbfb12aa5a97e5014e64be64a2e9368ae8bb84f97643b4078f6fc9f3e82d1f
SHA512

db6a93d748d73f39bc500b2f6fad2de95defed8a59fab435f2b88ad6e45a86742f88717db064880257b5a66adbdc61f84ec32d0f65076c77d0664c7535b0ac46
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyyTsqljy8PQ:v+dAURFxna4QAPQlYg7aylryylFyyTsv

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  1c6f661deddbf56c7b470f0fe8233370_JaffaCakes118
- Size
  
  13KB
- MD5
  
  1c6f661deddbf56c7b470f0fe8233370
- SHA1
  
  16060ae77e7d5b72df74649d5718daa75675eb45
- SHA256
  
  b5dbfb12aa5a97e5014e64be64a2e9368ae8bb84f97643b4078f6fc9f3e82d1f
- SHA512
  
  db6a93d748d73f39bc500b2f6fad2de95defed8a59fab435f2b88ad6e45a86742f88717db064880257b5a66adbdc61f84ec32d0f65076c77d0664c7535b0ac46
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjK7aylryylFyyTsqljy8PQ:v+dAURFxna4QAPQlYg7aylryylFyyTsv
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader