Analysis Overview
SHA256
30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85
Threat Level: Known bad
The file 30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll was found to be: Known bad.
Malicious Activity Summary
Jupyter Backdoor/Client payload
Jupyter family
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-12-11 15:59
Signatures
Jupyter Backdoor/Client payload
Jupyter family
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-11 15:59
Reported
2023-12-11 16:02
Platform
win7-20231023-en
Max time kernel
24s
Max time network
19s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-12-11 15:59
Reported
2023-12-11 16:01
Platform
win10v2004-20231130-en
Max time kernel
25s
Max time network
29s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\30e527e45f50d2ba82865c5679a6fa998ee0a1755361ab01673950810d071c85.dll,#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |