Malware Analysis Report

2024-10-24 18:08

Sample ID 220430-pewfmsdfgr
Target solarmarker4302022.dll
SHA256 9039b8a126bd77489059e05ff83d1d6bd62bcc1e9cffe1d59227ab26cf447b61
Tags
jupyter
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9039b8a126bd77489059e05ff83d1d6bd62bcc1e9cffe1d59227ab26cf447b61

Threat Level: Known bad

The file solarmarker4302022.dll was found to be: Known bad.

Malicious Activity Summary

jupyter

Jupyter family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-04-30 12:15

Signatures

Jupyter family

jupyter

Analysis: behavioral1

Detonation Overview

Submitted

2022-04-30 12:15

Reported

2022-04-30 12:17

Platform

win7-20220414-en

Max time kernel

43s

Max time network

45s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\solarmarker4302022.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\solarmarker4302022.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-04-30 12:15

Reported

2022-04-30 12:17

Platform

win10v2004-20220414-en

Max time kernel

140s

Max time network

150s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\solarmarker4302022.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\solarmarker4302022.dll,#1

Network

Country Destination Domain Proto
US 8.248.21.254:80 tcp
US 8.248.21.254:80 tcp
IE 13.69.239.72:443 tcp
US 8.248.21.254:80 tcp
US 8.248.21.254:80 tcp
US 8.248.21.254:80 tcp

Files

N/A