jupyter | f0190f7407d0c6e1a4dfea3bd0967db95cd9c89274dafc1043524ff213840743 | Triage

Submit
Reports

Overview

overview

Static

static

Adobe-Inde...ee.msi

windows7_x64

8

Adobe-Inde...ee.msi

windows10_x64

Resubmissions

02-10-2021 16:02

211002-tg7znsedh5 10

26-09-2021 14:41

210926-r2e4aafaa8 10

Sharing

General

Target

solarmarkerdropper.7z
Size

1.6MB
Sample

210926-r2e4aafaa8
MD5

5c828f80bb6ed5acbce17fb9b9bcfaaa
SHA1

43a93be2e452b0a3b602487639f5739ac90fa90e
SHA256

f0190f7407d0c6e1a4dfea3bd0967db95cd9c89274dafc1043524ff213840743
SHA512

1290f401b1b3ef98cca1d0676272d28ccca8352d2ee9ff8259df4a1793d27b36a7e12545db841774b38b3596cc31f555e4c22fbf98ddb6263b5f6a99120e944a

Score

10^/10

jupyter backdoor discovery stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Adobe-Indesign-Business-Plan-Template-Free.msi

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Adobe-Indesign-Business-Plan-Template-Free.msi

Resource

win10v20210408

jupyter backdoor discovery stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

jupyter

Version

SP-18

C2

http://188.241.83.61

Targets

- Target
  
  Adobe-Indesign-Business-Plan-Template-Free.msi
- Size
  
  108.5MB
- MD5
  
  82dbf0d2b49de42dc700df7c96b41eb1
- SHA1
  
  509c08fd9805cf2034fec547c0fc962423a96a3b
- SHA256
  
  7ada6e666c34aacaf7c93d11ca2e563ec53da37fb23a181631809d0d5ef14387
- SHA512
  
  3d256fba291eb2f4a81ef53d8db8a333f3fb26a9a2c90e3c28bb0a944dc8bba2a2c8902232b14e6a9debdf93a2ff100faabb2be2053aac7fc2ccbdbd2f98fc83
Score

10^/10

discovery jupyter backdoor stealer trojan
- Jupyter Backdoor/Client Payload
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
- Blocklisted process makes network request
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jupyterbackdoordiscoverystealertrojan

© 2018-2024

Terms | Privacy