Static task
static1
Behavioral task
behavioral1
Sample
DABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZEBHCXAS8oDW5KCGZVeZHHLnzKlBYSPUA77DDUhIBMXHaOlELLX5luDMUXKG.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
DABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZEBHCXAS8oDW5KCGZVeZHHLnzKlBYSPUA77DDUhIBMXHaOlELLX5luDMUXKG.dll
Resource
win10v2004-20220414-en
General
Target
DABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZEBHCXAS8oDW5KCGZVeZHHLnzKlBYSPUA77DDUhIBMXHaOlELLX5luDMUXKG
Size
402KB
MD5
bc38ae4c392fcc2aeb7de2b123e813d0
SHA1
44131b1d646ab6a0ef8673ad34ba9aeb87595cc1
SHA256
6301bea8c6f7ff1d640f5043c208cb10c6ddec254271a82d8fedcfdc816ae7e4
SHA512
c324fdbc75293cccee7a413a67c57117888f0aaae3cb494fe1120c7fc4ce3de615b7cd24d6948687cd1bc249c58ce7c68bf37ca977f2d14c9e6d0a0bd8b9406f
SSDEEP
6144:aOb6OemMpMjjf5BGd+gm5t2FXiPZiJQQN/KZEWSCUhf9:aG6O13BBlKFkIHThf9
Malware Config
Extracted
jupyter
http://146.70.101.97
Signatures
Jupyter family
Files
DABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZEBHCXAS8oDW5KCGZVeZHHLnzKlBYSPUA77DDUhIBMXHaOlELLX5luDMUXKG.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorDllMain
Sections
.text Size: 400KB - Virtual size: 399KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ