Behavioral task: behavioral1
Sample: xABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZTxZLBeXnDV9.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: xABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZTxZLBeXnDV9.dll
Resource: win10v2004-20240508-en
General
Target: xABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZTxZLBeXnDV9.dll
Size: 400KB
MD5: 875d06db9dc10d9694046373ab76e92b
SHA1: 1d51f1049baba27f2967b4849004f5dedeb7e0bc
SHA256: 8d610d9014d0f80b06c615c9f0dbf150f21752df67d77cdd225bb31f9e7be798
SHA512: 9f1f4535903b8554b6213e0d9231c2ec4ab93e580e413b0b164575434aef3f1306e70224d19d0abff49db57edf82248afc486ed1f688e5213a33a1391c0d0207
SSDEEP: 6144:/S1GMQhWiKJHscoCLvdrnrLbd3LxeJgj0yqQci37knzVUIV/l:1AhoYdrnLd3L8pCeV/
Malware Config
Extracted
jupyter
2.58.15.118
Signatures
Jupyter family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource xABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZTxZLBeXnDV9.dll
Files
xABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZTxZLBeXnDV9.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 373KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ