Behavioral task
behavioral1
Sample
8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394.dll
Resource
win10v2004-20240226-en
General
-
Target
8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394
-
Size
354KB
-
MD5
a7853ba052b0f67b9c1d4f367359a4f7
-
SHA1
35a900197ee631f18fe74fd4a9f0979809c1025b
-
SHA256
8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394
-
SHA512
1f11c52d5bbb9efa092e83a9289f85be0bf703a5a6ae795331778d2bcea8ae120fcd447e06cdb38ecb786d18f891d03d6b17f59a641284f004a784c3dcbe91ad
-
SSDEEP
6144:pljVd91sSd8mI6Eo+s7sBNrOFPHTXRfjbDfbJu3ez62KnDLd1u+:bj5SSd8k+s7UNSFPTRfrUez62K
Malware Config
Extracted
jupyter
2.58.15.118
Signatures
-
Jupyter family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394
Files
-
8fd41c46bbe847bc09e761fa8a5e0ffb3e8fed3667fc9a3625a45fabb8193394.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 353KB - Virtual size: 352KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ