Malware Analysis Report

2024-10-16 02:56

Sample ID 231211-tfjkpabddq
Target 30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll
SHA256 30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85
Tags
jupyter
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85

Threat Level: Known bad

The file 30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll was found to be: Known bad.

Malicious Activity Summary

jupyter

Jupyter Backdoor/Client payload

Jupyter family

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-11 15:59

Signatures

Jupyter Backdoor/Client payload

Description Indicator Process Target
N/A N/A N/A N/A

Jupyter family

jupyter

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-11 15:59

Reported

2023-12-11 16:02

Platform

win7-20231023-en

Max time kernel

24s

Max time network

19s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-11 15:59

Reported

2023-12-11 16:01

Platform

win10v2004-20231130-en

Max time kernel

25s

Max time network

29s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp

Files

N/A