jupyter | d6ab9dd46f669738a41aa8940168de7774dec7b26ec2bdf6f6a83c5b1cc6f719 | Triage

Sharing

General

Target

deimos.ps1
Size

289KB
Sample

240518-w3xryaha4z
MD5

289b6aa41fc5cf7f7e22ef52788d80b8
SHA1

b829e4a469dbb9a925a7f8bb2b92d6d4d7204e12
SHA256

d6ab9dd46f669738a41aa8940168de7774dec7b26ec2bdf6f6a83c5b1cc6f719
SHA512

1c17d84fddb37573b7269794bc19314de25dff5d6d10353fa6289d8a124fd3a2e61b96d73fcf933c49685015c64737e3d45c901973193c2a4dc149c16e7223ad
SSDEEP

6144:7LE4P5tEgJVFH6Hdov5NAcMrJI+lUVS8inV6du+hwUw42o3TGK2c+BKyYYZBRly:/ZP5tEoFc+H6K+GcV6s+mUw42oKKYKiC

Score

10^/10

jupyter backdoor execution stealer trojan

Malware Config

Extracted

Family

jupyter

C2

2.58.15.118

Targets

- Target
  
  deimos.ps1
- Size
  
  289KB
- MD5
  
  289b6aa41fc5cf7f7e22ef52788d80b8
- SHA1
  
  b829e4a469dbb9a925a7f8bb2b92d6d4d7204e12
- SHA256
  
  d6ab9dd46f669738a41aa8940168de7774dec7b26ec2bdf6f6a83c5b1cc6f719
- SHA512
  
  1c17d84fddb37573b7269794bc19314de25dff5d6d10353fa6289d8a124fd3a2e61b96d73fcf933c49685015c64737e3d45c901973193c2a4dc149c16e7223ad
- SSDEEP
  
  6144:7LE4P5tEgJVFH6Hdov5NAcMrJI+lUVS8inV6du+hwUw42o3TGK2c+BKyYYZBRly:/ZP5tEoFc+H6K+GcV6s+mUw42oKKYKiC
Score

10^/10

jupyter backdoor execution stealer trojan
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

jupyterbackdoorexecutionstealertrojan

behavioral2

jupyterbackdoorexecutionstealertrojan

behavioral3

jupyterbackdoorexecutionstealertrojan