Resubmissions

13-06-2022 00:01

220613-abeldsgfe4 10

13-05-2022 11:12

220513-natwkshggn 10

General

  • Target

    1d4ab34baa9e5c2cc73ec2788ca8d849befe8c0ef5d8fdd5b7a4bed5de6ebaff.7z

  • Size

    9.8MB

  • Sample

    220513-natwkshggn

  • MD5

    9b0c1a7cc5d030437bfb54cd9ef474de

  • SHA1

    df19bef17e87ba8da1262134cbdffa1c714865d2

  • SHA256

    6828ce39fa7de6c4efabe1c7b6d19213c56d094c12731ff035bd114408e52263

  • SHA512

    ce9891d6aef778c65bd6ec8cd0f0ba6e8a2606b3c682732587bf940fd6dfeeeec9581ee310b70feb8e5306d82d6349d1336900b1bbbcad9377c442b47a22b492

Malware Config

Targets

    • Target

      1d4ab34baa9e5c2cc73ec2788ca8d849befe8c0ef5d8fdd5b7a4bed5de6ebaff

    • Size

      209.7MB

    • MD5

      b565d27f58b8510377a192dd5a920033

    • SHA1

      5db24c39dffeed0ca8b302892c850f13fb981ca5

    • SHA256

      1d4ab34baa9e5c2cc73ec2788ca8d849befe8c0ef5d8fdd5b7a4bed5de6ebaff

    • SHA512

      9494bdfea2f3c3a97ff0407097aff1e7c602811a2b4929ea10d0229fa5e3371fffd80a9876077ab88841e3be125b1c5ebd26c41ad570a6ea50b4c4e4883a9231

    • Jupyter, SolarMarker

      Jupyter (also tracked as SolarMarker) is a backdoor and infostealer first seen in mid-2020.

    • suricata: ET MALWARE Jupyter Stealer CnC Checkin

    • Blocklisted process makes network request

    • Drops startup file
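Added example, not part of the sandbox report or the sandbox's own tooling: a Python script that recomputes the digests listed above for a sample on disk and compares them with the report, so an analyst who receives either the .7z wrapper or the unpacked file can confirm it is the same object before relying on the verdict. It also checks the naming convention visible in this report, where the archive is named after the SHA256 of the file inside it. The hash values and filenames come from the report; the bytes written at the bottom are a constructed stand-in, since the real samples are not shipped with the page.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Digest algorithms the sandbox reports for every target.
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report above (not constructed).
TARGET_ARCHIVE = "1d4ab34baa9e5c2cc73ec2788ca8d849befe8c0ef5d8fdd5b7a4bed5de6ebaff.7z"
ARCHIVE_HASHES = {
    "md5": "9b0c1a7cc5d030437bfb54cd9ef474de",
    "sha1": "df19bef17e87ba8da1262134cbdffa1c714865d2",
    "sha256": "6828ce39fa7de6c4efabe1c7b6d19213c56d094c12731ff035bd114408e52263",
    "sha512": "ce9891d6aef778c65bd6ec8cd0f0ba6e8a2606b3c682732587bf940fd6dfeeeec9581ee310b70feb8e5306d82d6349d1336900b1bbbcad9377c442b47a22b492",
}
INNER_HASHES = {
    "md5": "b565d27f58b8510377a192dd5a920033",
    "sha1": "5db24c39dffeed0ca8b302892c850f13fb981ca5",
    "sha256": "1d4ab34baa9e5c2cc73ec2788ca8d849befe8c0ef5d8fdd5b7a4bed5de6ebaff",
    "sha512": "9494bdfea2f3c3a97ff0407097aff1e7c602811a2b4929ea10d0229fa5e3371fffd80a9876077ab88841e3be125b1c5ebd26c41ad570a6ea50b4c4e4883a9231",
}


def hash_chunks(chunks):
    """Feed every chunk to all four hashers in one pass; return {name: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk_size=1024 * 1024):
    """Hash a file in fixed-size chunks so a 200 MB sample never has to fit in memory."""
    with open(path, "rb") as fh:
        return hash_chunks(iter(lambda: fh.read(chunk_size), b""))


def verify_digests(actual, expected):
    """Compare computed digests with the report's.

    Only algorithms present in `expected` are checked, so a partial indicator
    set (for example an SHA256 alone) still works. Returns (ok, mismatched_names).
    """
    mismatches = sorted(
        name for name, digest in expected.items()
        if name in actual and actual[name] != digest.strip().lower()
    )
    return (not mismatches, mismatches)


def verify_sample(path, expected):
    """Hash the file at `path` and check it against the report's digests."""
    return verify_digests(hash_file(path), expected)


def archive_name_matches_inner(archive_name, inner_hashes):
    """The sandbox names the wrapper archive after the SHA256 of the file inside it."""
    return Path(archive_name).stem.lower() == inner_hashes["sha256"].lower()


if __name__ == "__main__":
    # Constructed stand-in for a sample; the real files are not shipped with the report.
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "sample.bin")
        with open(sample, "wb") as fh:
            fh.write(b"constructed sample bytes\n" * 1000)
        computed = hash_file(sample)
        print("ok against own digests:", verify_sample(sample, computed))
        # The constructed file is, as expected, not the report's inner target.
        print("ok against report:", verify_sample(sample, INNER_HASHES))
    print("archive named after inner SHA256:",
          archive_name_matches_inner(TARGET_ARCHIVE, INNER_HASHES))
```

To check a real file, replace the constructed sample with the path of the archive or the unpacked target and pass ARCHIVE_HASHES or INNER_HASHES respectively; a mismatch on any one algorithm is enough to reject the file, since all four are computed from the same bytes.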

MITRE ATT&CK Matrix

Tasks