upatre | bacbf58054cb51e006d01ce90695ca493c5e2328e07f86f784e2e7bc124a395d | Triage

Sharing

General

Target

258fab83ba9f70b215e2389a2d4c0878_JaffaCakes118
Size

41KB
Sample

240704-l8j3xsvhqn
MD5

258fab83ba9f70b215e2389a2d4c0878
SHA1

88dd7dab5ebd2e39157eea16f17c157bbe6bf2b4
SHA256

bacbf58054cb51e006d01ce90695ca493c5e2328e07f86f784e2e7bc124a395d
SHA512

9184061d1a5b62a5286dce4f22c5171669f48db480c6562168ba8238022361c3c279f0ec79643a40382b4b3d929dba505362481f726f263c0cff885177209f05
SSDEEP

768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rCBsPGTWikRyyjvylHlyQ:GY9jw/dUT62rGdiUOWWrC6P6Tp

Score

10^/10

upatre downloader

Malware Config

Targets

- Target
  
  258fab83ba9f70b215e2389a2d4c0878_JaffaCakes118
- Size
  
  41KB
- MD5
  
  258fab83ba9f70b215e2389a2d4c0878
- SHA1
  
  88dd7dab5ebd2e39157eea16f17c157bbe6bf2b4
- SHA256
  
  bacbf58054cb51e006d01ce90695ca493c5e2328e07f86f784e2e7bc124a395d
- SHA512
  
  9184061d1a5b62a5286dce4f22c5171669f48db480c6562168ba8238022361c3c279f0ec79643a40382b4b3d929dba505362481f726f263c0cff885177209f05
- SSDEEP
  
  768:kf1Y9RRw/dUT6vurGd/pkUOyGAv+rCBsPGTWikRyyjvylHlyQ:GY9jw/dUT62rGdiUOWWrC6P6Tp
Score

10^/10

upatre downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatredownloader

behavioral2

upatredownloader