upatre | 21306663759f6979166c329eec58c658a38d73e723ebea51ecd1e81a07051345 | Triage

Sharing

General

Target

9fb23254be6c571a90d1feec2a60ca0f_JaffaCakes118
Size

12KB
Sample

240816-yh5yxstbkg
MD5

9fb23254be6c571a90d1feec2a60ca0f
SHA1

e1f93264b7ff5cd92a83e76eda4c5564dbdc345f
SHA256

21306663759f6979166c329eec58c658a38d73e723ebea51ecd1e81a07051345
SHA512

ce8245c0aaa316785fc18458be93abc95208632d6751823c1b44b6c636b3c83f56f45571126c39cc6d0cc03fa605f67f5ea6c1d82f603549ce9d73b49225ffdf
SSDEEP

384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKhYjlyyuALylbyy7yQ:v+dAURFxna4QAPQlYghmlyyuALylbyyT

Score

10^/10

upatre discovery downloader

Malware Config

Targets

- Target
  
  9fb23254be6c571a90d1feec2a60ca0f_JaffaCakes118
- Size
  
  12KB
- MD5
  
  9fb23254be6c571a90d1feec2a60ca0f
- SHA1
  
  e1f93264b7ff5cd92a83e76eda4c5564dbdc345f
- SHA256
  
  21306663759f6979166c329eec58c658a38d73e723ebea51ecd1e81a07051345
- SHA512
  
  ce8245c0aaa316785fc18458be93abc95208632d6751823c1b44b6c636b3c83f56f45571126c39cc6d0cc03fa605f67f5ea6c1d82f603549ce9d73b49225ffdf
- SSDEEP
  
  384:6K+dKfzQHxFxRmyja4QhiP7UlY/pjKhYjlyyuALylbyy7yQ:v+dAURFxna4QAPQlYghmlyyuALylbyyT
Score

10^/10

upatre discovery downloader
- Upatre
  Upatre is a generic malware downloader.
  downloader upatre
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

upatrediscoverydownloader

behavioral2

upatrediscoverydownloader