jupyter | 241131b0b79e8047f27fd1b6e05ea7acd08ba4ed39222d398e3069ae5318b84e | Triage

Sharing

General

Target

deimos.ps1
Size

266KB
Sample

240603-yf8l2afh2x
MD5

78284ae33b93caf7d4dca169bead6818
SHA1

f5f557ebd67e09b6035f5c3741302248edc9fa73
SHA256

241131b0b79e8047f27fd1b6e05ea7acd08ba4ed39222d398e3069ae5318b84e
SHA512

efe782b977d2702ae9b015e0b902986aa37a29b829fe25c3d0b0bfef155ec201b241c806e891c894881bc57a229adbfc409a60a21486202070c40c1fdc859b33
SSDEEP

6144:Ss/r0Kdpao8KNmoGjJLgJYg5EmjVmyeFfc2EIdZDyiDgOohr:b/zdpvahLg2wEqVmye22EygYIr

Score

10^/10

jupyter backdoor execution stealer trojan

Malware Config

Extracted

Family

jupyter

C2

68.233.238.123

Targets

- Target
  
  deimos.ps1
- Size
  
  266KB
- MD5
  
  78284ae33b93caf7d4dca169bead6818
- SHA1
  
  f5f557ebd67e09b6035f5c3741302248edc9fa73
- SHA256
  
  241131b0b79e8047f27fd1b6e05ea7acd08ba4ed39222d398e3069ae5318b84e
- SHA512
  
  efe782b977d2702ae9b015e0b902986aa37a29b829fe25c3d0b0bfef155ec201b241c806e891c894881bc57a229adbfc409a60a21486202070c40c1fdc859b33
- SSDEEP
  
  6144:Ss/r0Kdpao8KNmoGjJLgJYg5EmjVmyeFfc2EIdZDyiDgOohr:b/zdpvahLg2wEqVmye22EygYIr
Score

10^/10

execution jupyter backdoor stealer trojan
- Jupyter, SolarMarker
  Jupyter is a backdoor and infostealer first seen in mid 2020.
  backdoor trojan stealer jupyter
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

jupyterbackdoorexecutionstealertrojan