jupyter | 33e84991bc45ac2a30fede5f0f7d7d9708a320e7467c75141be354e161a37f57 | Triage

Sharing

General

Target

deimos.ps1
Size

780KB
Sample

240513-wqdtasgb9x
MD5

b3740fb57fbb7318cfac8d844ec5d9c7
SHA1

0ea243f20d2491a075232ae9e9ceabd054fd8d4b
SHA256

33e84991bc45ac2a30fede5f0f7d7d9708a320e7467c75141be354e161a37f57
SHA512

8146703cc5c3791f8486b44759dc18dc650dcdc52a4d83288df066fe8c1a845d5f4bb2d0fe185ba1069a91b4e628e9e8fd4bca46d930079a86e254038138addd
SSDEEP

24576:kMZFAQWxCiFcGD5sj069FywUNoEvOJN+R0FHRfJGp:1A1DeFVyN/R0RGp

Score

10^/10

jupyter backdoor execution stealer trojan

Malware Config

Extracted

Family

jupyter

C2

146.70.158.83

Targets

- Target
  
  deimos.ps1
- Size
  
  780KB
- MD5
  
  b3740fb57fbb7318cfac8d844ec5d9c7
- SHA1
  
  0ea243f20d2491a075232ae9e9ceabd054fd8d4b
- SHA256
  
  33e84991bc45ac2a30fede5f0f7d7d9708a320e7467c75141be354e161a37f57
- SHA512
  
  8146703cc5c3791f8486b44759dc18dc650dcdc52a4d83288df066fe8c1a845d5f4bb2d0fe185ba1069a91b4e628e9e8fd4bca46d930079a86e254038138addd
- SSDEEP
  
  24576:kMZFAQWxCiFcGD5sj069FywUNoEvOJN+R0FHRfJGp:1A1DeFVyN/R0RGp
Score

10^/10

execution jupyter backdoor stealer trojan
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jupyterbackdoorexecutionstealertrojan

behavioral3

jupyterbackdoorexecutionstealertrojan