Overview

overview

10

Static

static

3

installer-...64.exe

windows10-1703-x64

10

installer-...64.exe

windows10-2004-x64

10

installer-...64.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    installer-build-x64.exe

  • Size

    6.4MB

  • Sample

    240305-yqcx4sfh9t

  • MD5

    73eaf7991cd33cf43bfc376ad0dc2eec

  • SHA1

    45a2fab7ccb7dcea9822786d071cd053efeedd94

  • SHA256

    bb00eae53865d5d316941969455270a84a6e7039e119bdcff9d2ff3460385cdd

  • SHA512

    40186521417514afda9a7ce4b27f7727ba38880695b0f7a48698ac4a9fab0335e98160e56dffe8e196a92b48f9ead882d6196c932e3e9119623f5c6e7004ef5e

  • SSDEEP

    196608:allllllllllllllllllllllllllllllllllO:allllllllllllllllllllllllllllllG

Score
10/10
jupyterbackdoorstealertrojan

Malware Config

Targets

    • Target

      installer-build-x64.exe

    • Size

      6.4MB

    • MD5

      73eaf7991cd33cf43bfc376ad0dc2eec

    • SHA1

      45a2fab7ccb7dcea9822786d071cd053efeedd94

    • SHA256

      bb00eae53865d5d316941969455270a84a6e7039e119bdcff9d2ff3460385cdd

    • SHA512

      40186521417514afda9a7ce4b27f7727ba38880695b0f7a48698ac4a9fab0335e98160e56dffe8e196a92b48f9ead882d6196c932e3e9119623f5c6e7004ef5e

    • SSDEEP

      196608:allllllllllllllllllllllllllllllllllO:allllllllllllllllllllllllllllllG

    Score
    10/10
    jupyterbackdoorstealertrojan

    • Jupyter, SolarMarker

      Jupyter is a backdoor and infostealer first seen in mid 2020.

      backdoortrojanstealerjupyter

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks