jupyter | d9f21efde51cea590446976fed4be674c28aed70e1aacdbb06c7a276de0cca3a | Triage

Sharing

General

Target

deimos.ps1
Size

236KB
Sample

240528-txl25scg92
MD5

ae42690369f0c382949c215f74183d2e
SHA1

d8108aef8ebced91880dbff5ba21f5a0b1f9fea1
SHA256

d9f21efde51cea590446976fed4be674c28aed70e1aacdbb06c7a276de0cca3a
SHA512

7e6c8e932dbbde70ac2285fc2738f0916c9d58eaae783b1907c7d3dfdb1fb146087c3c640811debc6c7567c74a28739a11518b14d0885ba98670acd571269108
SSDEEP

6144:hactZyjc67RGEFJ3agBs/9GySFFFAucuWj9ovXiHkraNi:LicaoSJMFMF9cuWjGiEGNi

Score

10^/10

jupyter backdoor execution stealer trojan

Malware Config

Extracted

Family

jupyter

C2

68.233.238.123

Targets

- Target
  
  deimos.ps1
- Size
  
  236KB
- MD5
  
  ae42690369f0c382949c215f74183d2e
- SHA1
  
  d8108aef8ebced91880dbff5ba21f5a0b1f9fea1
- SHA256
  
  d9f21efde51cea590446976fed4be674c28aed70e1aacdbb06c7a276de0cca3a
- SHA512
  
  7e6c8e932dbbde70ac2285fc2738f0916c9d58eaae783b1907c7d3dfdb1fb146087c3c640811debc6c7567c74a28739a11518b14d0885ba98670acd571269108
- SSDEEP
  
  6144:hactZyjc67RGEFJ3agBs/9GySFFFAucuWj9ovXiHkraNi:LicaoSJMFMF9cuWjGiEGNi
Score

10^/10

execution jupyter backdoor stealer trojan
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jupyterbackdoorexecutionstealertrojan