Extracted

• • Target

    Holland-America-Donation-Request-Form.exe

  • Size

    274.0MB

  • MD5

    761b643ce4867014456b331b1a251dc3

  • SHA1

    52685157be543065f34a7ec9eb8519c9b1855a59

  • SHA256

    6d1a637ee2263dc7918b886a8a1878fb73a000510bc6f42e0c59669487c46e82

  • SHA512

    f30eb357e0dd4eaec8de8bc08ad1a1044340b3fe55856aad68499251eab4bc5d41f422984f213fa173aeb44b3c9b8cbdc8b93780fa337365ac89150fb7fa3451

  Score

  10^/10

  jupyterbackdoorstealertrojan

  • Jupyter, SolarMarker

    Jupyter is a backdoor and infostealer first seen in mid 2020.

    backdoortrojanstealerjupyter

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  behavioral1behavioral2