jupyter | deimos[.]dll | Triage

Sharing

General

Target

deimos.dll
Size

140KB
MD5

699f49bc599edc3dd22552785c47da3b
SHA1

2cac1d9a10326545e07c93049cbb8434e0b897a3
SHA256

f5552ce676db6d5f5ea968bfd5d2580a64a6da0ad92b6a44de93e9ac748d62de
SHA512

d806dd958f494b6340d76c2ae1636df524115f4dacaaae723e0e2fc09540a908102a1aa6373222e2fd8ff8ffd92a40459a1987ad5e93c183c9b08175d39beeca

Score

10^/10

jupyter

Malware Config

Extracted

Family

jupyter

C2

http://146.70.53.153

Signatures

Jupyter 1 IoCs

Processes:

resource yara_rule

sample Jupyter
Jupyter family
jupyter

Files

deimos.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ